Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
msolanki
Staff
Staff

Created on ‎03-24-2023 01:45 AM Edited on ‎03-24-2023 02:50 AM By Community Manager

Article Id 250184

Technical Tip: FortiGate-VM probe on Azure load balancer

Description

This article describes how to enable FortiGate probe traffic on the Azure load balancer.
Scope FortiGate.
Solution

In the Azure load balancer, if the FortiGate-VM probe is enabled, the Azure load balancer sends out a probe to a TCP/UDP port to verify if the VM is up and running.

In the FortiGate, a specific probe config is activated on TCP/8008.

 

In order to probe detect in Azure load balancer, FortiGate needs to configure the below step via CLI:

 

# config system probe-response

    set port 8008

    set http-probe-value "OK"

    set mode http-probe

end

 

# config system interface

    edit "2"

        set ip 10.10.10.10 255.255.255.0

        set allowaccess probe-response

        set device-identification enable

        set role wan

        set snmp-index 16

 

# config firewall local-in-policy

    edit 1

        set uuid 80d9ad84-c99c-51ed-3072-b327f1deb659

        set intf "port2"

        set srcaddr "all"

        set dstaddr "all"

        set action accept

        set service "TCP_8008

 

A sample config of Azure load balancer.
1065
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.