FortiGate 7060E WebEx Issue Shenanigans

So, if you guys have a 7060E chassis with a decent amount of traffic flowing through it, I want to warn you that WebEx may not function properly. If you are seeing video or audio drops and complaints about bandwidth issues, chances are you are experiencing the same bug I am.

Basically, the UDP 9000 traffic that is on its way back to the clients is sometimes coming in on a different FPM than the one that originally processed the request. Apparently the 7060E has bugs in how it shares these sessions / content tables, because that causes a 10-second blip where audio, video, or both can disappear or freeze.

Very frustrating stuff that is not easily debugged.

Our workaround for now, until they fix the bug, is a load balance flow rule that forces all UDP 9000 traffic to hit the same FPM (whichever one you choose).
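
A sketch of that workaround, added here as an example and not the author's actual configuration: two flow rules, since a rule matches header fields of one direction only, so outbound packets are matched on destination port 9000 and return packets on source port 9000. The slot name `FPM3`, the rule IDs and the comment strings are assumptions; confirm the available options with `set ?` on your FortiOS build. Lines starting with `#` are annotations.

```fortios
# Added example. Rule IDs 20/21 and slot FPM3 are assumed values.
config load-balance flow-rule
    # Client -> WebEx: destination port is UDP 9000
    edit 20
        set status enable
        set ether-type ipv4
        set protocol udp
        set dst-l4port 9000-9000
        set action forward
        set forward-slot FPM3
        set comment "pin WebEx UDP 9000 outbound to one FPM"
    next
    # WebEx -> client: source port is UDP 9000
    edit 21
        set status enable
        set ether-type ipv4
        set protocol udp
        set src-l4port 9000-9000
        set action forward
        set forward-slot FPM3
        set comment "pin WebEx UDP 9000 return to same FPM"
    next
end
```

Both rules must name the same slot, otherwise the two directions of a session can still land on different FPMs. All UDP 9000 inspection load then sits on that one module, so watch its CPU and session count.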

Talk about pulling your hair out!



About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

2 thoughts on “FortiGate 7060E WebEx Issue Shenanigans”

  1. Mike Butash

    That is really interesting, my customer with a 7060E uses a lot of YouTube and Google apps and I get a lot of complaints that things seem “slow”, but can’t really quantify what that means. That stuff is not easily flow-rule pinned to master, as it’s mostly all 443.

    Please let us know if you see any resolution, or run into other shenanigans, but thanks for posting this as a warning for others supporting 7000’s!

    1. Mike Post author

      When the issue first crept up it was specifically due to HTTPS (killing Office 365 and large downloads). The way to fix it on HTTPS was to disable tcp-options under config global.
      Give that a try and let me know if you see any benefits.

      If you REALLY wanted to, you could pin all HTTPS to the master... but that isn’t recommended in production (or else I would have pinned all UDP to the master or slave to solve my WebEx and Skype issues!)
