Description
When you allow access to your network from the Internet, the logs may show only the external firewall IP address instead of the actual IP addresses of the remote clients accessing your published resources.
Scope
FortiGate, FortiOS, VIP, Virtual IP, Logs, Traffic
Solution
The issue occurs because of misconfigured firewall policy options.
When you allow access to a Virtual IP (VIP) object, there is no need to enable the NAT checkbox in the rule properties. A VIP is another word for static NAT, and by creating it you have already enabled address translation. The NAT checkbox in the rule properties configures hide NAT, which conceals traffic behind the firewall IP address. In most cases there is no need to conceal Internet traffic behind the firewall IP.
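A check for the misconfiguration described above, as an added example that is not Fortinet's code: it scans a FortiOS configuration backup for firewall policies whose destination is a VIP and that also carry `set nat enable`, the CLI form of the NAT checkbox. The sample configuration is constructed, and the function names `parse_section` and `vip_policies_with_nat` are hypothetical.

```python
import shlex
# Constructed sample of a FortiOS configuration backup (names and IPs are made up).
SAMPLE_CONFIG = '''
config firewall vip
    edit "vip-web"
        set extip 203.0.113.10
        set mappedip "10.0.0.10"
    next
end
config firewall policy
    edit 10
        set name "inbound-web-nat"
        set dstaddr "vip-web"
        set nat enable
    next
    edit 11
        set name "inbound-web"
        set dstaddr "vip-web"
    next
    edit 12
        set dstaddr "all"
        set nat enable
    next
end
'''

def parse_section(config, header):
    """Return {entry: {key: [values]}} for a top-level 'config <header>' table."""
    entries, current, depth = {}, None, 0
    for line in map(str.strip, config.splitlines()):
        if depth == 0:
            depth = int(line == "config " + header)
        elif line.startswith("config "):
            depth += 1  # nested table inside an entry: skip its contents
        elif line == "end":
            depth -= 1
        elif depth == 1 and line.startswith("edit "):
            current = entries.setdefault(line[5:].strip('"'), {})
        elif depth == 1 and current is not None and line.startswith("set "):
            key, _, value = line[4:].partition(" ")
            current[key] = shlex.split(value)
    return entries

def vip_policies_with_nat(config):
    """Policies whose dstaddr is a VIP and that also carry 'set nat enable'."""
    vips = set(parse_section(config, "firewall vip"))
    policies = parse_section(config, "firewall policy")
    return [(pid, p.get("name", [""])[0]) for pid, p in policies.items()
            if p.get("nat") == ["enable"] and vips & set(p.get("dstaddr", []))]
print(vip_policies_with_nat(SAMPLE_CONFIG))
```

Policy 10 is reported because it points at the VIP with NAT enabled; policy 11 (VIP, no NAT) and policy 12 (NAT to a non-VIP destination) are not. Policies that reach a VIP through a VIP group are not resolved by this check.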
Copyright 2023 Fortinet, Inc. All Rights Reserved.