Description This article describes why users on certain PCs see the
following error: Policy restriction! No policy matched! End-point SN
miss matched. SN: 41D09397CECDAAF6CBB523F18508CF82xxxxxxxx ID:
45311937327F4C6B8A542432xxxxxxxx Timestamp: 167702...
Description This article describes when a user reports that the network
is having slowness, intermittence, or disconnection for certain
applications or general connections. Scope FortiGate. Network
Equipments. Possibilities. There are several possibi...
DescriptionThis aticle will share common possibilities that trigger High
Availability intermittence issue. The HA design is working during the
implementation based on existing units, VLAN, cabling and and so on.
However, after quite some time, the HA...
Description In some cases, the network does not work due to the DNS
server being down or intermittently available. The DNS server is
necessary to resolve domains/URLs to IP addresses.If the DNS server is
unable to resolve, the domain will not be reac...
DescriptionIt is very common to configure LACP to increase a bandwidth
and having a failover capability. LACP basically combining multiple port
and works as 1 physical cable. However, due to certain scenario, the
LACP can not work as per expectation....
Hi @khalilbouzaiene1 ,Yes. Very likely routing issue.FGT-A seems never
send the traffic to FGT-B.Based on the sniffer, you should see IN and
OUT.From there, you can identify if traffic from FGT-A left to the
correct outbound or
not.https://community....
Hi @khaled_omar ,Good day to you.Please verify on the SDWAN SLA
performance.Make sure you set the ideal threshold value for the "SLA
target" and "Link status".Too low value may introduce SDWAN flapping.You
may consider this value:Protocol : Ping Serv...
Hi @khalilbouzaiene1 Thank you for the debug result.Please focus on 1
way traffic 1st.Ping from 192.168.1.2 to FW-B 10.0.0.2 When you do
sniffer, does the ping received on FW-B?diag sniffer packet any 'host
10.0.0.2 and icmp' 4 0(run this on FW-A and...
There are some possibilities i can see: 1. FW-A did not route 10.0.0.2
to FW-B. Check active routing on FW-A. 2. FW-B policy block traffic to
10.0.0.2. The best way to verify if traffic is sent/receive correctly is
by sniffer(run on both FW-A and FW-...
Hi @khalilbouzaiene1 Thank you for the respond.Looks like anything
behind the fortigate peer is not reachable.Please test this scenario:On
Fortigate2(peer side), please ping 10.0.0.2.We need to make sure this
Fortigate2 itself able to reach 10.0.0.2....