Description: This article describes how FortiGate chooses the source IP for local-out traffic.
Scope: FortiGate.
Solution:
'Local-out traffic' is traffic originating from the FortiGate itself (self-originating traffic) and destined to external servers and services, for example Syslog, FortiAnalyzer logging, FortiGuard services, remote authentication, and pings or traceroutes from the FortiGate.
Normally, the FortiGate decides how to send this traffic based on its routing table (RIB).
get router info routing-table all
It selects the IP of the outgoing interface as the source IP of the traffic.
If the outgoing interface has no IP assigned (for example, an IPsec interface), the FortiGate uses the IP of the interface with the lowest index as the source IP. The traffic is still forwarded out of the interface selected by the routing table lookup.
To see the IPs assigned to the interfaces and their index numbers:
diag ip address list
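The selection rule above can be checked offline against saved CLI output, for example to work out which source address a syslog collector or RADIUS server should expect from the FortiGate. The following is an added example, not Fortinet code: the sample output and the interface names (wan1, internal, vpn-tunnel) are constructed, and skipping 127.0.0.0/8 in the fallback is an assumption of this example.

```python
import re
from ipaddress import ip_address

# Constructed sample in the usual layout of 'diag ip address list' output.
SAMPLE = """\
IP=127.0.0.1->127.0.0.1/255.0.0.0 index=2 devname=root
IP=10.0.0.1->10.0.0.1/255.255.255.0 index=3 devname=internal
IP=192.0.2.10->192.0.2.10/255.255.255.0 index=5 devname=wan1
"""

LINE = re.compile(
    r"IP=(?P<ip>[\d.]+)->\S+\s+index=(?P<idx>\d+)\s+devname=(?P<dev>\S+)"
)


def parse_addresses(text):
    """Return (index, devname, ip) tuples in the order they are listed."""
    return [(int(m["idx"]), m["dev"], m["ip"]) for m in LINE.finditer(text)]


def predict_source_ip(text, egress_dev, skip_loopback_net=True):
    """Predict the local-out source IP for the interface chosen by routing.

    egress_dev is the outgoing interface taken from the routing table lookup.
    """
    addrs = parse_addresses(text)
    # Rule 1: the outgoing interface has an IP, so that IP is the source.
    own = [a for a in addrs if a[1] == egress_dev]
    if own:
        return own[0][2]  # first address listed for that interface
    # Rule 2: no IP on the outgoing interface (e.g. an IPsec interface),
    # so fall back to the IP of the interface with the lowest index.
    # Assumption of this example: 127.0.0.0/8 is not a usable source.
    pool = [
        a for a in addrs
        if not (skip_loopback_net and ip_address(a[2]).is_loopback)
    ]
    if not pool:
        raise ValueError("no interface address available")
    return min(pool)[2]


if __name__ == "__main__":
    for dev in ("wan1", "vpn-tunnel"):
        print(dev, "->", predict_source_ip(SAMPLE, dev))
```

If the predicted address is not the one the remote server allows or expects, that mismatch is the first thing to check when local-out logging or authentication traffic is being dropped.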
Copyright 2025 Fortinet, Inc. All Rights Reserved.