Description |
This article describes issues that may arise after a firmware upgrade from 6.4.x to 7.0.x,7.2.x, or 7.4.x if the users are accessing public websites over IPsec VPN and a firewall policy is set to flow-based inspection mode with a UTM profile applied to it.
Following is an example of a Topology that may encounter the issue:
MTU settings on all involved interfaces are kept default and in this case, the MTU of the IPSec tunnel interface is 1420 bytes. |
Scope |
FortiOS 7.0.x, 7.2.x ,7.4.x Flow-based inspection for traffic transiting from IPSec Tunnel to WAN interface. This issue is expected to be fixed in 7.2.6 and 7.4.1. |
Solution |
Following are the workarounds that can be used:
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.