maulishshah
Staff
Article Id 247217
Description

This article describes how to obtain a stable connection on the WWAN interface when using the Verizon network with a 3G/4G LTE modem.

Scope

FortiGate 3G/4G modem, Verizon network.

Solution

Anyone with the same issue must verify that no source-ip is set in the configuration.

The issue is caused by the 'set source-ip' and 'set interface-select-method any' commands used for management features such as Syslog, NetFlow, etc. When the device initially turns on, the tunnels are not yet up, so this management traffic is sent out the WWAN interface.

When Verizon's network security detects traffic from x.x.x.x, an IP source violation occurs, causing the FortiGate WWAN interface to malfunction.

To avoid this:

- Create an automation stitch so that, when the firewall reboots, it removes all source-ip settings, or any specific interface configured to force the traffic.

- Check the event ID of the relevant logs, so the firewall captures the correct triggers and forces the changes to the configuration.

- Once the firewall and the WWAN interface are up, run another script to revert the changes to the previous configuration.

For the automation stitch:

https://docs.fortinet.com/document/fortigate/7.2.0/new-features/108345/system-automation-actions-to-...

Here is a simple script as an example:

Event ID 20099 is used when an event occurs on the interface (up or down).

Event ID 32009 is used when the firewall reboots.
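
One way to lay out the two stitches described above, given as an added example and not the article's original script. The trigger, action and stitch names are hypothetical, 192.0.2.10 is a placeholder for the source IP used in your own configuration, and only the Syslog setting is shown; repeat the same pattern for any other feature that has source-ip set.

```fortios
# Added example: all names and the address 192.0.2.10 are placeholders.
# The 20099 trigger is not filtered here, so it fires on every interface status change.
config system automation-trigger
    edit "trg-reboot"
        set event-type event-log
        set logid 32009
    next
    edit "trg-intf-change"
        set event-type event-log
        set logid 20099
    next
end
config system automation-action
    edit "act-clear-srcip"
        set action-type cli-script
        set script "config log syslogd setting
unset source-ip
end"
        set accprofile "super_admin"
    next
    edit "act-restore-srcip"
        set action-type cli-script
        set script "config log syslogd setting
set source-ip 192.0.2.10
end"
        set accprofile "super_admin"
    next
end
config system automation-stitch
    edit "wwan-boot-clear"
        set trigger "trg-reboot"
        config actions
            edit 1
                set action "act-clear-srcip"
                set required enable
            next
        end
    next
    edit "wwan-up-restore"
        set trigger "trg-intf-change"
        config actions
            edit 1
                set action "act-restore-srcip"
                set required enable
            next
        end
    next
end
```

After a test reboot, 'show log syslogd setting' confirms whether source-ip was removed and later restored.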