config system central-management
set fmg "IP address of the FortiManager"
set fmg-source-ip <IP of the VPN interface or Internal interface of the FortiGate>
end
config firewall policy
edit <VPN policy ID>
set tcp-mss-sender 1300
set tcp-mss-receiver 1300
end
# diagnose debug application fgfmd -1This output can be converted to Wireshark.
# diagnose debug enable
# diagnose sniffer packet <VPN interface name> "port 541" 3
# diagnose debug application fgfmsd -1
# diagnose debug enable
# diagnose sniffer packet any "host <10.241.77.2> and port 541" 3
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.