Fortinet Community

sagha · 08-07-2022

Description This article describes the issue that can be faced when having multiple authenticated policies and having traffic dropped by FortiGate. Scope FotiGate, FortiOS Explanation There are two policies configured and both are using user authenti...

sagha · 08-01-2022

Description This article describes the issue that can be faced with shortcuts when having ADVPN configured with BGP and SD-WAN. Scope For versions 6.4, 7.0. ADVPN, BGP, IPSec. Explanation This issue occurs when shortcut is established between the Spo...

sagha · 07-12-2022

Description This article explains the scenario where IPSec Tunnel is up and traffic seems to be leaving FortiGate Azure but it is not reaching the remote end. Scope FortiGate. Solution Follow these steps: 1) Verify the IPSec ports being used on Forti...

sagha · 07-05-2022

Description This article describes the workaround for the issue on ForitGate when seeing 'Incorrect leftmost AS number' in BGP debugs Scope FortiGate, FortiOS. Solution This issue will normally be seen when the BGP peering is not establishing. Enable...

sagha · 04-18-2022

Description This article describes one of the reasons why VLAN packets are getting dropped on FortiGate. Scope FortiOS, FortiGate Solution In this scenario, the packets show up on the sniffer but are not giving any details for the reason of drop when...

sagha · 09-17-2022

Hi mumbles202, With you last edit, this looks to be resolved. If you face any issue in future, you can run dhcp relay debugs on FGT that can clarify what is going on. diag debug application dhcprelay -1 diag debug enable Thank you. Shahan Agha

sagha · 09-17-2022

Hi robert_espi, You can run debug flows and check how FGT is dealing with traffic. diag de flow filter addr x.x.x.x diag de flow filter proto 1 diag de flow trace start 100 diag de en Replace x.x.x.x with the destination address. After that, ping the...

sagha · 09-13-2022

Hi RolandBaumgaertner72, The traffic seems to be leaving the FGT interface with ping echo requests and not getting ping echo replies. Try connecting one of the host directly to the FGT on one of its interfaces. This can not be a FGT issue as the traf...

sagha · 09-13-2022

Hi, This is how you can test the bandwidth on a FGT interface: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Use-cases-for-diagnose-traffictest-command/ta-p/197784 Thank you. Shahan Agha

sagha · 09-13-2022

Hi Umesh, you can view the policy ID as follow: 1. Go to policy and objects 2. Click firewall policy 3. Right click and select the option for ID. Hope this helps. Thanks Shahan Agha

Fortinet Community

User Statistics

User Activity

Technical Tip: Traffic fails to match authentication policy despite having user in auth list

Technical Tip: ISP failure causing ADVPN shortcut traffic to fail

Technical Tip: IPSec Tunnel up but no traffic being passed between FortiGate Azure and Third party device

Troubleshooting Tip: BGP debug shows the error 'Incorrect leftmost AS number'

Technical Tip: Fortigate dropping VLAN traffic, debug flows not showing any output

Re: Assistance with DHCP Relay

Re: IPSec VPN Clients Accessing Remote Subnets across Site to Site VPN

Re: Cant ping my PC directly behind the FG30E

Re: How to put load on fortigate's wan interface

Re: policy Id is not showing

Technical Tip: VXLAN over IPsec for multiple VLANs...

Re: accessing site to site VPN network while conne...

Re: How should I check SNAT pool resource?

Re: Parse all Traffic through Azure IPSEC VPN

Re: Multicast Forwarding over fortigate

Re: Sniffer theory: incomming packets are seen on ...

Re: DNAT supported on Fortigate 40F?

Re: accessing site to site VPN network while conne...

Re: Configure secondary unit in active/passive HA?

Re: Fortigate routes IPSEC traffic through DMZ int...

News & Articles

Security Research

Company

Contact Us