appneta / tcpreplay

Pcap editing and replay tools for *NIX and Windows - Users please download source from
http://tcpreplay.appneta.com/wiki/installation.html#downloads

[Bug] Fortigate and tcpreplay #852

Open scdit46 opened 2 months ago

scdit46 commented 2 months ago

From a laptop I am injecting six ICMP packets (three request packets and three response packets) to reach an interface of a Fortigate firewall (port 9).

The problem is that for some unknown reason the request packets do not reach the Fortigate interface (the command diagnose sniffer packet port9 does not display the packets).

If it injects the traffic to another laptop, I do receive both the requests and the replies. This behavior occurs with other protocols (UDP, TCP): outbound traffic does not arrive.

I have opened a case with Fortigate and the blame is placed on tcpreplay.

The fact is that I tried with a TAP to see if it was putting the packets on the cable and it was verified. What could be happening?


If I send the packets of the SPAN switch to port9 of the Fortigate, I see all packets (request and reply).

What is happening?

scdit46 commented 2 months ago

To check that I send 3 requests + 3 replies to the wire, I connect one TAP device.

On the laptop with Wireshark I see 3 requests and 3 replies, but on the Fortigate I see only 3 replies. The statistics of interface port9 of the Fortigate only count the reply packets.

Fortigate support blames the way I use the tcpreplay tool.

I don't know what I'm doing wrong; I see the packets in Wireshark on the computer connected to the TAP port monitor.

What could be happening?

scdit46 commented 2 months ago

In this case, I have a small network (ALFA and BETA laptops connected to the TAP). The Port Monitor of the TAP sends the traffic between ALFA and BETA. ALFA sends 3 ping requests to BETA and BETA sends 3 replies; the Port Monitor of the TAP then sends 6 packets, and on port9 of the Fortigate I see 6 packets.

What is happening?

I am lost!!
