Fortinet black logo

Administration Guide

Home FortiNDR 7.1.0 Administration Guide
7.1.0
7.4.3
7.4.2
7.4.1
7.4.0
7.2.3
7.2.2
7.2.1
7.2.0
7.1.0
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0

Troubleshoot ICAP and OFTP connection issues

Troubleshoot ICAP and OFTP connection issues

To check ICAP traffic in port1:

Use the CLI command:

diagnose sniffer packet port1 'port 1344 or port 11344' 6 0

To check OFTP traffic in port1:

Use the CLI command:

diagnose sniffer packet port1 'port 514' 6 0

To verify a device is authorized:

Go to Security Fabric > Device Input and check the Authorized column.

To verify All Supported Files are enabled in FortiGate:

Go to Security Profiles > AntiVirus and verify Send files to FortiSandbox for inspection is set to All Supported Files.

To verify the firewall policy is not blocking the connection:

Check if firewall policy is blocking ICAP port 1344, 11344 and OFTP port 514.

Previous
Next

Troubleshoot ICAP and OFTP connection issues

To check ICAP traffic in port1:

Use the CLI command:

diagnose sniffer packet port1 'port 1344 or port 11344' 6 0

To check OFTP traffic in port1:

Use the CLI command:

diagnose sniffer packet port1 'port 514' 6 0

To verify a device is authorized:

Go to Security Fabric > Device Input and check the Authorized column.

To verify All Supported Files are enabled in FortiGate:

Go to Security Profiles > AntiVirus and verify Send files to FortiSandbox for inspection is set to All Supported Files.

To verify the firewall policy is not blocking the connection:

Check if firewall policy is blocking ICAP port 1344, 11344 and OFTP port 514.

Previous
Next