Chapter 5. Troubleshooting
As seen earlier in Chapter 1, First Steps, a FortiGate unit is a UTM device. However, we also know that the appliance, in addition to the security features, has comprehensive capabilities for VLAN management, routing, VPNs, and high availability. Troubleshooting a FortiGate requires a structured approach to locate which one of the different levels or features is triggering the problem. To make the explanation easier, we will divide troubleshooting into five general areas:
Routing
Security policies and profiles
Virtual domains
VPN
High Availability
In this chapter we will focus on diagnostic tools that are (for the most part) based on the CLI. To troubleshoot the aforementioned five areas, we will start from a group of tools dedicated to hardware diagnostics, then we will see a group of commands to identify errors related to layers 2 and 3 of the TCP/IP stack and a group of diagnostic controls focused on the higher level features.
