Description
This article describes that in a FortiGate where the Windows Optimization feature is disabled, the TCP Windowing is a parameter configured and negotiated exclusively between a Host device and a Server application. A FortiGate unit does not influence its formation, control or manipulate how it behaves.
Scope
FortiGate.
Solution
To show the client that the FortiGate does not change, affect, or block the TCP Windowing Scaling, a TCP test can be used to verify it's status on both ends of the connection and on the FortiGate unit:
On the Server application side, run the 'iperf' command:
# iperf -s
Run the same command on the Host device:
# iperf -c <server @ IP> -i -t 30
On the FortiGate, run a 'sniffer packet capture' on the LAN and WAN interfaces to confirm the TCP windows size used between the client and the Server:
diag sniffer packet any 'host <client-IP> and host <server-IP>' 6 0 a
Related article:
Troubleshooting Tool: Using the FortiOS built-in packet sniffer