Description |
This article describes how to enable FortiGate probe traffic on the Azure load balancer. |
Scope | FortiGate. |
Solution |
In the Azure load balancer, if the FortiGate-VM probe is enabled, the Azure load balancer sends out a probe to a TCP/UDP port to verify if the VM is up and running. In the FortiGate, a specific probe config is activated on TCP/8008.
In order to probe detect in Azure load balancer, FortiGate needs to configure the below step via CLI:
# config system probe-response set port 8008 set http-probe-value "OK" set mode http-probe end
# config system interface edit "2" set ip 10.10.10.10 255.255.255.0 set allowaccess probe-response set device-identification enable set role wan set snmp-index 16
# config firewall local-in-policy edit 1 set uuid 80d9ad84-c99c-51ed-3072-b327f1deb659 set intf "port2" set srcaddr "all" set dstaddr "all" set action accept set service "TCP_8008
A sample config of Azure load balancer. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.