Skip to main content
Aadar-Soomro
Aadar-Soomro
New Member
August 11, 2025
Question

FortiADC Client Access issue

  • August 11, 2025
  • 2 replies
  • 569 views

Dear Community Members,

 

I have setup my FortiADC (192.168.1.142-MGT IP) on VMware Esxi host. i have to create LAB setup. I configured 2 real servers (192.168.1.4- 192.168.1.8) and added those real servers into single pool and created 1 virtual server (192.168.1.200). I have enabled IIS service on both real servers. when my client (192.168.1.9) hits the virtual server address (192.168.1.200) in browser, it gets Err_CONNECTION_TIMED_OUT. while my virtual servers have reachability to both real servers and virtual server is also pingable from the client machine, this has been confirmed with health check options via Http profile. Any one from the community could help me out. network flow is mentioned below

 

Client (192.168.1.9) ---> FortiADC (192.168.1.142) ---> Virtual Server (192.168.1.200) ---> Real servers Pool

 

Thanks

2 replies

AEK
SuperUser
AEK
SuperUser
August 12, 2025

Hello Aadar

In such case (client, ADC and real servers are all in one subnet) if your ADC is not in reverse proxy mode then the back-end servers will return the response directly to the client (you can check with sniffer), and the client will refuse these packet, since it is not expecting any return from the back-end servers, but is expecting them from the ADC instead.

AEK
bohanvo2
bohanvo2
New Member
August 12, 2025

I've got to give it to Fortinet for keeping an eye on its competition and capitalizing when it sees an opportunity. They did the same thing when Extreme Networks changed their entire licensing model practically overnight and gave existing, long-time customers no alternative. They (we) left in droves. Many salespeople and engineers left the company as well.

Terms & ConditionsAccessibility statement