New Member

Question

Fortiexender integration on an Fortgate 51E with FortiOS 6.2.x

Forum|Forum|1 year ago
May 27, 2024
5 replies
1862 views

Hello all,

i tested here 2 things:

Fortigate 60E + Fortiexender 201E and Fortigate 51E + Fortiexender 201E

On both it is working fine. With and without ip-passthrough (capwap). So the goal is in this situation "Fortigate 51E + Fortiexender 201E". But there is big difference between the fortiOS 6.2 and 7.4. On 6.2 i can't find an option for access directly to the fortigate for management over WAN. Please see the attached screenshot.

1 = Capwap to the fortiexender

2 = the generated lte interface

if i open 2 i can only see the serial from the extender. On the fortigate 60E with OS 7.4.x i can to the same like an normal wan interface. Does it work differently with the 51E? And yes i know with this public ip it will not work (happynet), but if I can't configure it? Or are the settings of WAN2 valid for the release of the Fortiagte Interace?

I would then also like to create IPSEC side2side with more Fortigates.

Very thanks

Kind regards

Anthony_E

Staff

Hello fireon,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Best Regards

Anthony_E

Staff

Hello fireon,

We are still looking for someone to help you.

We will come back to you ASAP.

Regards,

Best Regards

Anthony_E

Staff

Hello,

This document can maybe help you:

https://docs.fortinet.com/document/fortiextender/7.4.0/fos-fext-compatibility-matrix

Id not, do not hesitate to tell us and we will continue to look at your question.

Regards,

Best Regards

fireonAuthor

New Member

Thanks for the matrix. According to this, I am even in the (R) Recommended range. I can test it on site next week with the right SIM. I'll let you know what works and what doesn't.

Anthony_E

Staff

Thank you fireon :)!

Best Regards

fireonAuthor

New Member

Hello all, I've tested this here with the right simcard. A side2side connection with the 2 Fortigates over the DDNS is working. But a directaccess to the fortigate with the fortiexender is not posible. If i do an nmap to the public IP i got this crazy output:

PORT     STATE SERVICE 21/tcp   open  ftp 25/tcp   open  smtp 53/tcp   open  domain 80/tcp   open  http 110/tcp  open  pop3 143/tcp  open  imap 443/tcp  open  https 445/tcp  open  microsoft-ds 2000/tcp open  cisco-sccp 5060/tcp open  sip 8010/tcp open  xmpp

What kind of device is responding? Neither the Fortigate nor the Fortiexender has anything enabled. Accesses are blocked by trusted hosts.

Also the firewall policy at the fortiexender is only one from lan to the Internet.

So really strange behavior.

fireonAuthor

New Member

Ok, it looks like the provider is still interposing a network. hmm... there's probably nothing you can do...? 213.94.64.0/18

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded