Slow internet on a new install of Fortigate 60E

klau · ‎06-22-2022

I've got a Fortigate 60E v6.4.9build1966(GA) and am running into slow internet (both up and down) on a new install. I've got a fibre 1G/1G that I tested without the fortigate and was able to get advertised speeds.

I'll list what I've done to see if there's anything I'm missing or doing wrong:

setup admin profile - user and suser profiles

setup network interfaces

WAN - using ISP IPs they provided
LAN - our internal netowork

setup static route - setup the route from LAN to WAN

setup firewall policy - as a test, everything was set to allow all, flow-based, and no security profiles

I've checked the ports: 1G full duplex at both ports, auto-negotiate, and both set to physical ports

As a "just in case" I tried to slip a gig dumb switch in between and it did not help. There was a mention of TCP saw-toothing where the unit couldn't keep up with the burst in the knowlege base. But implementing it didn't help. I'm hoping there's something else I'm missing that will help with my situation. Thanks in advance!

seshuganesh · ‎06-23-2022

Hi Team,

Can you let me know if you have configured traffic shaping policy, usually this could be the issue.

Also may i know what type of wan interface you are using ?

Do you observe any high cpu or memory in the firewall?

please keep us posted

klau · ‎06-23-2022

Hi, no traffic shaping that I know of, or can spot, and CPU and memory was pretty stable at around 10-15%

I'm using WAN1 for my ISP and LAN1 for my internal.

seshuganesh · ‎06-23-2022

Hi Team,

Can you directly connect to firewall and directly connect to ISP and match the speeds?

Also, please let me know what type of ISP you are using like dhcp or pppoe?

klau · ‎06-23-2022

Presently, it's just internet -> ISP modem -> fortigate -> laptop

If I connect direct to the modem, I get advertised speeds. Connecting through the fortigate drops it to about 5%. The WAN

aionescu · ‎06-23-2022

Hi klau,

To follow up on @seshuganesh comments, I would suggest the following:

perform a HQIP test as described here: RMA Note: Hardware troubleshooting with built-in F... - Fortinet Community
perform a bandwidth test using the built-in iperf client as described in the followin glink. with a special note that, for download you should use the -R option: Technical Tip: How to perform bandwidth tests - Fortinet Community
check interface details (both WAN and LAN) using the command diagnose hardware deviceinfo nic <interface>: Cookbook | FortiGate / FortiOS 6.2.10 | Fortinet Documentation Library

klau · ‎06-23-2022

I will definitely give these a go! Thank you.

klau · ‎07-06-2022

I finally figured out what was going on. The laptop I was using had a 10/100 port, and for some reason, it slowed everything down to 10. Not entirely sure why this was happening but swapping to a 10/100/1000 port fixed it.

Slow internet on a new install of Fortigate 60E

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website