Debug

Traffic should come in and leave the FortiGate. If not, proceed with a debug flow as follows:
diag debug enable
dia debug console timestamp enable
diag debug flow show console enable
diag debug flow filter add or diag debug flow filter add diag debug flow trace start 100 < == this will display 100 packets for this flow
diag debug enable

To stop all other debug, type:
diag debug flow trace stop

One further step is to look at the firewall session. For this, some filters may be used to reduce the output; see the following example:
diag sys session filter src PC1
diag sys session list
or
diag sys session filter dst PC1
diag sys session list

To clear all sessions corresponding to a filter:
diag sys session filter dst PC1
diag sys session clear

config system settings
set asymroute disable
end

(788)

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload the CAPTCHA.