Skip to main content
hiroki3
hiroki3
Visitor III
November 5, 2024
Solved

FortiGuard updates using a proxy server

  • November 5, 2024
  • 1 reply
  • 1862 views

I want to check the IP address of the sender so that it is not blocked by the policy of the security device up to the proxy server.
The following settings are included in order to use a proxy server when updating signatures or renewing licenses.
At this time, which source IP address should be used for packets originating from Fortigate?
Is it the Mgmt port? Or is it an interface for data communication close to the proxy server?


config system autoupdate tunneling
set status enable
set address “10.**. **. **” ⇒ IP address of the proxy server
set port 8080

 

Best answer by funkylicious

Hi,

If I'm not mistaken, if you have the mgmt port configured it will use it, if not then it will be the interface that as a route/closest to the proxy.

 

https://docs.fortinet.com/document/fortigate/7.0.5/cli-reference/110620/config-system-fortiguard

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Using-dedicated-management-interface-for/ta-p/228972

1 reply

funkylicious
SuperUser
funkyliciousAnswer
SuperUser
November 5, 2024

Hi,

If I'm not mistaken, if you have the mgmt port configured it will use it, if not then it will be the interface that as a route/closest to the proxy.

 

https://docs.fortinet.com/document/fortigate/7.0.5/cli-reference/110620/config-system-fortiguard

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Using-dedicated-management-interface-for/ta-p/228972

"jack of all trades, master of none"
    hiroki3
    hiroki3Author
    Visitor III
    November 5, 2024

    Thanks for the quick reply.
    You mean whether the “set source-ip” setting is included in the ”config system fortiguard”.
    I just looked and the setting was not included.
    In this case, I assume that the interface close to the proxy will be used, but if you know how to check which interface is actually used by Fortigate, I would appreciate it if you could let me know.

    hiroki3
    hiroki3Author
    Visitor III
    November 5, 2024

    The packet capture confirmed the IP address of the interface for data as the source.
    Thank you.

    I saw a DNS packet for “globalfctupdate.fortinet.net”.

    Terms & ConditionsAccessibility statement