Telnet Connection Timed Out

Issue: Telnet connection timed out when accessing the CPE via the secondary management interface loop1 as shown in the figure. The disconnection happens when the user stops sending data across the telnet session (e.g. stops typing commands).

Findings: Started my investigation by taking a packet capture on the Fortinet Fortigate 100D. The packet capture […]

Application pyfcgid Crash

Issue: Access to Fortigate 100D web administration (GUI) wasn’t working properly. For instance, the web filter was only intermittently accessible.

Platform: Fortinet Fortigate 100D using FortiOS 5.2.

Solution: This issue started to happen when I used FortiView and drilled down to session logs. It then generated this error message stating that the application pyfcgid crashed. I […]

Fortigate High CPU Usage

One of my Fortigate UTMs running on FortiOS 5.2 was having high CPU usage. This issue was going on for five weeks as per my monitoring tool. This wasn’t detected until I graphed all Fortigate UTMs’ CPUs in one graph. My monitoring didn’t fire an alert because the threshold was set to 80% and above.

[…]

Fortigate Invalid Compressed Format

Issue: I tried to upgrade Fortigate 100D to the latest firmware 5.0.7. After I restored to factory settings I couldn’t access it anymore using FortiExplorer so I tried consoling to it. I found out that the firmware was lost, then I tried to upload a firmware via console but I’m always getting this error no matter […]

No socket found. Drop.

Issue: I got an error when I performed an SNMP walk on VDOMs. Debug flow logs showed “No socket found. Drop.”. Security and SNMP policies are set to allow SNMP query.

id=20085 trace_id=1131 msg="vd-vdom_test received a packet(proto=17, 172.28.254.3:41678->10.151.30.42:161) from port1.3041."
id=20085 trace_id=1131 msg="Find an existing session, id-0026d36d, original direction"
id=20085 trace_id=1131 msg="No socket found. […]

Fortigate VDOM Assignment through RADIUS

Issue: Fortinet Fortigate UTM has been set up for RADIUS authentication to allow remote administration for different levels of support staff, customers and administrators. Also, VDOM assignment can be done through RADIUS (using RADIUS attribute – Fortinet-Vdom-Name) but this doesn’t work on FortiOS 5.x.

Platform: Fortinet Fortigate UTM running FortiOS 5.x.

Solution: From RADIUS logs, correct […]

Value Conflicts with System Settings

Issue: Cannot change Fortigate from NAT to transparent mode. The error from the GUI is “value conflicts with system settings”.

Platform: Fortinet Fortigate UTM firmware 5.x.

Solution: Converting Fortigate from NAT to transparent mode from the GUI gives me this error “value conflicts with system settings” which isn’t helpful. I tried looking for dependencies but […]

Could not create dialup name too long

Issue: IPSec VPN to Fortigate UTM doesn’t establish. Getting an error “Could not create dialup name too long”.

Platform: Fortigate UTM firmware version 5.2.

Solution: I encountered this issue after upgrading Fortigate firmware from version 5.0.7 to 5.2. In the previous version, I was allowed to enter 14 characters as its IPSec VPN phase 1 name […]