- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Firewall blocks high-traffic network connections
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Firewall blocks high-traffic network connections
Hello.
First of all, I am sorry that the sentence is not smooth because I used a translator.
I am a FortiGate 100D user.
Create three hardware switch interfaces on the firewall and use a DHCP server.
And I created an IPv4 policy to enable communication between each interface.
However, if there is a lot of traffic during communication, the firewall blocks the network connection.
Why is that?
Labels:
- Labels:
-
FortiGate v5.4
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @newbie92 ,
Can you please specify which network connection firewall is blocking ?
As you mentioned you have created an IPv4 policy to enable communication between each interface, is it not happening ?
Created on 08-23-2023 05:02 PM Edited on 08-23-2023 05:16 PM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello, @rtichkule.
Thank you for your interest in my problem.
The configured IPv4 policy is operating normally, and smooth communication is possible for each interface.
However, sending and receiving many files will block the client, which is a problem for all clients.
For example, when a client with IP 192.168.100.26 downloads a file from a server with IP 192.168.200.200, it is blocked while downloading data normally.
It's a pity that I can't attach the log because I don't know how to view it.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Even if you ping test multiple clients at the same time, the network is blocked.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Thank you for the information. As I understand both the source and destination is behind the same firewall and you are facing issues in accessing multiple files at the same time.
Could you confirm if you are getting any error when the connection gets blocked? Also, Could you check the logs under the logs and reports by filtering the source and destination IP to check if you are able to see any relevant logs for connection getting blocked.
Regards,
Vimala
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Of course, I'd be happy to clarify!
The firewall is currently blocking specific high-traffic network connections. Unfortunately, without more detailed information about the nature of these connections and the associated rules and configurations, it's challenging to pinpoint the exact connections being affected.
You mentioned that you've established an IPv4 policy to facilitate communication between each interface. If this policy is properly configured, it should allow traffic to flow between these interfaces as intended. However, there are a few aspects to consider in this context:
Policy Verification: Verify that your IPv4 policy is correctly defined to allow communication between the relevant interfaces. Double-check the source and destination zones, IP ranges, ports, and protocols specified in the policy. Any discrepancies could potentially lead to blocked connections.
Logging and Monitoring: Enable logging for your firewall rules, particularly for the policy in question. This will generate logs detailing the traffic that is processed by the policy. By reviewing these logs, you can identify if the firewall is indeed blocking certain connections and gather insights into why they are being blocked.
Traffic Patterns: Examine the traffic patterns associated with the blocked connections. Are there any commonalities among the connections being blocked? This could include specific ports, protocols, or IP addresses. Understanding these patterns can provide valuable clues about the nature of the issue.
Security Profiles and Threat Detection: If your firewall employs security profiles to scan traffic for threats, it's possible that certain high-traffic connections are triggering these profiles and subsequently being blocked. Review the settings of these profiles and analyze whether legitimate traffic is being mistaken for malicious content.
Resource Utilization: High-traffic connections might strain system resources. Monitor the firewall's resource utilization during periods of high traffic to ensure that it's not leading to automatic connection blocks.
NAT and Routing Analysis: Inspect your network address translation (NAT) and routing configurations. Incorrect settings could potentially divert traffic away from its intended path, resulting in blocked connections.
Rule Order and Precedence: Ensure that the order of your firewall rules is appropriate. Rules are processed sequentially, so a higher-priority rule could inadvertently block traffic before it reaches the intended rule allowing it.
Support and Assistance: If you've thoroughly reviewed these aspects and are still encountering challenges, consider seeking assistance from your firewall's technical support or consulting with network experts who can provide specific insights into your configuration.
In essence, understanding the nature of the blocked connections and meticulously assessing the associated rules and configurations will help you identify the root cause of the issue and take the necessary steps to resolve it. Mesas DE Billar
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Certainly, I'd be glad to help!
The situation you're describing, where your firewall is blocking high-traffic network connections, can be quite frustrating. This issue could arise due to a variety of reasons, and addressing it effectively involves a systematic approach to troubleshooting. Here's a comprehensive solution to consider:
Review Firewall Rules: Begin by carefully reviewing your firewall rules. Make sure that the rules governing high-traffic connections are properly configured. Verify that the rules are allowing the intended traffic and are not inadvertently set to block or deny it.
Traffic Logs Examination: Investigate the firewall's traffic logs to understand why high-traffic connections are being blocked. The logs should provide insights into which rule or security feature is triggering the block. This information is pivotal in diagnosing the root cause.
Resource Utilization Analysis: High-traffic situations can strain system resources such as CPU and memory. Monitor these resources during periods of increased traffic to ensure they're not reaching critical levels. Inadequate resources can lead to automatic connection blocks.
Security Profiles Check: Some firewalls include security profiles that inspect traffic for threats. While these profiles enhance security, they can inadvertently flag legitimate traffic as malicious. Examine your security profiles, ensuring that they are appropriately configured and not overzealous in blocking valid connections.
Update Firmware and Security Definitions: Keeping your firewall's firmware and security definitions up to date is crucial. Regular updates often include bug fixes, performance enhancements, and new threat definitions that can help mitigate issues like false positives in traffic blocking.
Session Limit Consideration: Some firewalls have session limits in place to prevent overwhelming the system. If high-traffic connections are causing numerous simultaneous sessions, review and adjust these limits if necessary.
Quality of Service (QoS) and Traffic Shaping: Implement Quality of Service (QoS) and traffic shaping policies to manage and prioritize network traffic. These tools can help ensure that high-traffic connections don't negatively impact other essential services.
Network Address Translation (NAT) and Routing Verification: Check your Network Address Translation (NAT) and routing configurations. Incorrect settings can lead to traffic not reaching its intended destination, potentially triggering the firewall to block connections.
Firewall Performance Monitoring: Employ firewall performance monitoring tools to gain insights into the firewall's behavior during high-traffic periods. This data can help identify patterns and potential bottlenecks.
Technical Support Engagement: If you've exhausted your troubleshooting efforts without resolution, consider reaching out to the firewall's technical support or consulting with network professionals. They can provide tailored guidance based on your specific setup.
Remember, the key to addressing this issue lies in a patient and systematic approach. By meticulously examining your firewall's configuration, logs, and performance metrics, you're better equipped to identify the exact cause of the issue and take appropriate corrective actions. Apply4u
Related Posts
- Wifi access with Single Sign-ON 6 Views
- Users do not get VLANs DHCP... 11 Views
- FortiGate IP address Policy Restriction 55 Views
- 'Authentication failure' error - FortiGate admin... 124 Views
- Limited Network 142 Views
Labels
-
FortiGate
6,548 -
FortiClient
1,306 -
5.2
801 -
5.4
639 -
FortiManager
563 -
6.0
416 -
FortiAnalyzer
415 -
5.6
362 -
FortiAP
336 -
FortiSwitch
333 -
FortiClient EMS
264 -
6.2
251 -
FortiMail
243 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
151 -
6.4
128 -
FortiNAC
106 -
FortiGuard
102 -
FortiSIEM
89 -
FortiGateCloud
87 -
FortiCloud Products
84 -
IPsec
73 -
FortiToken
71 -
Customer Service
69 -
4.0MR3
64 -
SSL-VPN
60 -
Wireless Controller
58 -
FortiProxy
44 -
FortiADC
43 -
Fortivoice
41 -
FortiEDR
39 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
32 -
FortiSandbox
31 -
FortiSwitch v6.4
28 -
Firewall policy
24 -
FortiConnect
24 -
SD-WAN
24 -
FortiWAN
22 -
VLAN
21 -
FortiConverter
21 -
High Availability
20 -
FortiPortal
18 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiAuthenticator
15 -
FortiMonitor
14 -
Certificate
14 -
DNS
13 -
FortiDDoS
13 -
SAML
12 -
BGP
12 -
FortiGate v5.0
12 -
Routing
12 -
Interface
12 -
FortiCASB
12 -
Logging
11 -
LDAP
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
FortiManager v5.0
9 -
Virtual IP
9 -
NAT
9 -
4.0MR2
9 -
RADIUS
8 -
Traffic shaping
8 -
SSID
7 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
SSL SSH inspection
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
IP address management - IPAM
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
4.0
7 -
Security profile
6 -
Authentication
6 -
FortiBridge
6 -
Fortigate Cloud
6 -
Traffic shaping policy
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
IPS signature
3 -
packet capture
3 -
FortiToken Cloud
3 -
FortiAP profile
3 -
Automation
3 -
Intrusion prevention
3 -
DoS policy
3 -
FortiDB
3 -
Port policy
3 -
FortiDeceptor
2 -
FortiInsight
2 -
NAC policy
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
Web profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
Fortinet Engage Partner Program
2 -
TACACS
1 -
4.0MR1
1 -
Schedule
1 -
Users
1 -
SDN connector
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
FortiPAM
1 -
Application signature
1 -
Web rating
1 -
Authentication rule and scheme
1 -
FortiManager-VM
1 -
Multicast routing
1 -
Email filter profile
1 -
Zone
1 -
Internet Service Database
1 -
Explicit proxy
1 -
System settings
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.