FAZVM64 using WAN not Working to receive Fortigate Logs

Dear Friends,

We have deployed one FAZVM64 (evaluation version 5.4) using the ovf for VMware vSphere with the following:

- port1 with WAN IPv4 address, e.g. 200.200.200.200

- port2 with LAN IPv4 address, e.g. 192.168.10.5

- route and gateway for interface port 1

- no firewall restrictions for WAN IP, all ports open (for tests)

- both interface ports with all services enabled

Our problem:

- if we put one Fortigate in the LAN segment and configure to connect to FortiAnalyzer, everything works great.

- if we try to configure one remote Fortigate to connect to FortiAnalyzer over WAN (direct), it doesn't work.

We have tried without success: - adjust the source-ip to match WAN IP of the remote Fortigate in config log fortianalyzer setting - adjust the enc-algorithm to low in config log fortianalyzer setting, according to https://docs.fortinet.com/uploaded/files/3421/logging-reporting-54.pdf page 26, FortiAnalyzer-VM images in evaluation mode will only be able to use low-level encryption.

Thanks in advance for any help.

Janderson Mira

TND Brasil Tecnologia da Informacao Ltda.