FortiCarrier
FortiCarrier is a High-Scale Carrier-Grade Network Service Appliance (CGN)
dmohankumar
Staff
Article Id 194000

Description

 

This article describes scenarios in which GTP inspection does not take place.


Scenario 1:

The unit was deployed as a FortiGate, and an additional FortiCarrier license was acquired to inspect GTP traffic.
After the FortiCarrier license was applied and the configuration was restored, it was noticed that GTP inspection and logging were not happening.

Scenario 2:
    
GTP inspection is not happening and no logs for GTP traffic are available.

Scope


FortiCarrier licensed units.


Solution


For GTP inspection to happen, the unit relies on the session-helper.


Check the config for session-helper.

Scenario 1:

By default, if the FortiCarrier license is not enabled, the GTP session-helpers are not enabled in the configuration.


When the FortiCarrier license is enabled, the session-helpers are enabled.


However, when the earlier configuration is restored, it still has the GTP session-helpers disabled, so GTP logging does not happen.

To have GTP inspection and logging, add the following to the new config.

 

config global
    config system session-helper
        edit 21
            set name gtp-c
            set protocol 17
            set port 2123
        next
        edit 22
            set name gtp-u
            set protocol 17
            set port 2152
        next
    end
end

 

Scenario 2:

Check the session-helper configuration and the traffic logs to see whether the GTP port numbers passing through the unit match the configuration.
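
The check from both scenarios, as an added example (not Fortinet code and not part of the original article): it parses the session-helper block of a configuration backup, reports which of the article's GTP helpers are missing, and lists UDP destination ports seen in traffic logs that no gtp helper covers. The sample config and log lines are constructed; the log lines are assumed to be already filtered to GTP peers and to carry proto= and dstport= key=value fields.

```python
import re

EXPECTED = {"gtp-c": (17, 2123), "gtp-u": (17, 2152)}  # GTP helpers as listed in the article

def parse_session_helpers(config_text):
    """Return {(name, protocol, port)} from 'config system session-helper'."""
    helpers, in_block, entry = set(), False, None
    for raw in config_text.splitlines():
        words = raw.split()
        if words[:3] == ["config", "system", "session-helper"]:
            in_block = True
        elif not in_block or not words:
            continue
        elif words[0] == "end":
            break
        elif words[0] == "edit":
            entry = {}
        elif words[0] == "set" and entry is not None and len(words) >= 3:
            entry[words[1]] = words[2].strip('"')
        elif words[0] == "next" and entry is not None:
            if {"name", "protocol", "port"} <= entry.keys():
                helpers.add((entry["name"], int(entry["protocol"]), int(entry["port"])))
            entry = None
    return helpers

def missing_gtp_helpers(config_text):
    """Article's GTP helpers that are absent or bound to a different port."""
    have = parse_session_helpers(config_text)
    return sorted(n for n, (p, port) in EXPECTED.items() if (n, p, port) not in have)

def gtp_ports_without_helper(config_text, gtp_log_lines):
    """UDP dstports in GTP traffic logs that no gtp-* helper covers."""
    covered = {port for name, proto, port in parse_session_helpers(config_text)
               if name.startswith("gtp") and proto == 17}
    seen = set()
    for line in gtp_log_lines:
        f = dict(re.findall(r'(\w+)=("[^"]*"|\S+)', line))
        if f.get("proto") == "17" and f.get("dstport", "").isdigit():
            seen.add(int(f["dstport"]))
    return sorted(seen - covered)

# Constructed samples: restored pre-license config (no GTP helpers), trimmed logs.
RESTORED = ("config system session-helper\n edit 1\n  set name pptp\n"
            "  set protocol 6\n  set port 1723\n next\nend\n")
LOGS = ['type="traffic" srcip=10.0.0.1 dstip=10.0.0.2 dstport=2123 proto=17',
        'type="traffic" srcip=10.0.0.1 dstip=10.0.0.2 dstport=2152 proto=17']

if __name__ == "__main__":
    print(missing_gtp_helpers(RESTORED), gtp_ports_without_helper(RESTORED, LOGS))
```

An empty result from both functions means the backup carries both GTP helpers on the ports the logged traffic actually uses.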
