Fortigate – Diag Debug

Run this commands on forti cli

diag debug reset
diag debug enable
diag debug console timestamp enable
diag debug flow filter clear
diag debug flow filter proto 1
diag debug flow filter addr X.X.X.X
diag debug flow show console enable
diag debug flow show function-name enable
diag debug flow trace start 1000

Where X.X.X.X is the IP address of a valid host in the remote subnet you are trying to reach. To stop the debug, type: “diag debug disable” and “diag debug reset”.

diag debug flow
diag sniffer packet any | grep XXX.XXX.XXX.XXX