Chapter 18 Troubleshooting : Life of a Packet : Example 1: client/server connection
  
Example 1: client/server connection
The following example illustrates the flow of a packet of a client/web server connection with authentication and FortiGuard URL and antivirus filtering.
This example includes the following steps:
Initiating connection from client to web server
1. Client sends packet to web server.
2. Packet intercepted by FortiGate unit interface.
2.1 Link level CRC and packet size checking. If the size is correct, the packet continues, otherwise it is dropped.
3. DoS sensor - checks are done to ensure the sender is valid and not attempting a denial of service attack.
4. IP integrity header checking, verifying the IP header length, version and checksums.
5. Next hop route
6. Policy lookup
7. User authentication
8. Proxy inspection
8.1 Web Filtering
8.2 FortiGuard Web Filtering URL lookup
8.3 Antivirus scanning
9. Source NAT
10. Routing
11. Interface transmission to network
12. Packet forwarded to web server
Response from web server
1. Web Server sends response packet to client.
2. Packet intercepted by FortiGate unit interface
2.1 Link level CRC and packet size checking.
3. IP integrity header checking.
4. DoS sensor.
5. Proxy inspection
5.1 Antivirus scanning.
6. Source NAT.
7. Stateful Policy Engine
7.1 Session Tracking
8. Next hop route
9. Interface transmission to network
10. Packet returns to client
 
This process is illustrated in Figure 320.
Figure 320: Client/server connection