Anti-replay when traffic enters and leaves the same interface
Hello Team,
I have been reviewing the below technical tip and I am concerned about the last point in the article talking about disabling anti-replay:
Technical Tip: Traffic handled by FortiGate for pa... - Fortinet Community
I believe that replay scenarios are like when a packet is received twice on different interfaces, or when a packet with an out-of-range sequence number is received while it belongs to an open session, or the other scenarios described below:
Replay traffic scenario (fortinet.com)
Technical Note: How anti-replay works and sniffer ... - Fortinet Community
I have also tested configuring a scenario where traffic enters and leaves the FortiGate on the same interface, with a firewall policy to allow this traffic, and I did not have to disable anti-replay. So why is it mentioned here that traffic would be dropped unless anti-replay is disabled?
Technical Tip: Traffic handled by FortiGate for pa... - Fortinet Community
When the global anti-replay option is disabled, the FortiGate does not check TCP flags in packets. The per-policy anti-replay option overrides the global setting. This allows you to control whether or not TCP flags are checked per policy.
Please refer to the below documents for more detailed information:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Anti-replay-per-policy-when-FortiGate-is-i...
https://community.fortinet.com/t5/FortiGate/Technical-Note-How-anti-replay-works-and-sniffer-usage-f...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Anti-Replay-option-support-per-policy/ta-p...
Thanks Kaman,
This has been quite a clarification from you.
However, I am asking about how anti-replay is relevant to the case where traffic enters and leaves the FortiGate on the same interface.
Technical Tip: Traffic handled by FortiGate for pa... - Fortinet Community
It is mentioned in the KB that anti-replay should be disabled. However, I have tested the scenario without disabling the anti-replay and it worked fine.
