Telnet Connection Timed Out

Issue: Telnet connection timed out when accessing the CPE via the secondary management interface loop1 as shown in the figure. The disconnection happens when the user stops sending data across the telnet session (e.g. stops typing commands). Findings: Started my investigation by taking a packet capture on the Fortinet Fortigate

Application pyfcgid Crash

Issue: Access to Fortigate 100D web administration (GUI) wasn’t working properly. For instance, the web filter was only intermittently accessible. Platform: Fortinet Fortigate 100D using FortiOS 5.2. Solution: This issue started to happen when I used Fortiview and drilled down to session logs. Then it generated this error message stating

Fortigate High CPU Usage

One of my Fortigate UTMs running on FortiOS 5.2 was having high CPU usage. This issue was going on for five weeks as per my monitoring tool. This wasn’t detected until I graphed all Fortigate UTMs’ CPUs in one graph. My monitoring didn’t fire an alert because the threshold was

Fortigate Invalid Compressed Format

Issue: I tried to upgrade Fortigate 100D to the latest firmware 5.0.7. After I restored to factory settings I couldn’t access it anymore using FortiExplorer so I tried consoling to it. I found out that the firmware was lost, then I tried to upload a firmware via console but I’m always

No socket found. Drop.

Issue: I got an error when I performed an SNMP walk on VDOMs. Debug flow logs showed “No socket found. Drop.” Security and SNMP policies are set to allow SNMP query.

id=20085 trace_id=1131 msg="vd-vdom_test received a packet(proto=17, 172.28.254.3:41678->10.151.30.42:161) from port1.3041."
id=20085 trace_id=1131 msg="Find an existing session, id-0026d36d, original direction"
id=20085

Fortigate VDOM Assignment through RADIUS

Issue: Fortinet Fortigate UTM has been set up for RADIUS authentication to allow remote administration for different levels of support staff, customers and administrators. Also, VDOM assignment can be done through RADIUS (using RADIUS attribute – Fortinet-Vdom-Name) but this doesn’t work on FortiOS 5.x. Platform: Fortinet Fortigate UTM running FortiOS 5.x.

Value Conflicts with System Settings

Issue: Cannot change Fortigate from NAT to transparent mode. The error from the GUI is “value conflicts with system settings”. Platform: Fortinet Fortigate UTM firmware 5.x. Solution: Converting Fortigate from NAT to transparent mode from the GUI gives me this error “value conflicts with system settings” which isn’t helpful. I

Could not create dialup name too long

Issue: IPSec VPN to Fortigate UTM doesn’t establish. Getting an error “Could not create dialup name too long”. Platform: Fortigate UTM firmware version 5.2. Solution: I encountered this issue after upgrading Fortigate firmware from version 5.0.7 to 5.2. In the previous version, I was allowed to enter 14 characters as its
