This article describes an error message that prompts IP address x.x.x.x is configured as source-ip for Web proxy incoming IP while changing the IP address on the interface via CLI console or GUI:
config system interface edit "port2" set vdom "root" set ip 10.176.2.91 255.255.240.0 set allowaccess ping https ssh http telnet set type physical set explicit-web-proxy enable set snmp-index 2 next end
FortiProxy (port2) # set ip 10.176.2.99 255.255.240.0 Error: IP address 10.176.2.91 is configured as source-ip for Web proxy incoming ip in vdom root node_check_object fail! for ip 10.176.2.99 255.255.240.0
Scope
FortiProxy v7.2, 7.4, 7.6.
Solution
Unset incoming-ip under config web-proxy explicit-proxy:
FortiProxy (web-proxy) # show config web-proxy explicit-proxy edit "web-proxy" set status enable set interface "port2" set socks enable set http-incoming-port 8080 set https-incoming-port 8080 set socks-incoming-port 15900 15800 15950 15850 45038 set incoming-ip 10.176.2.91 set unknown-http-version best-effort set pac-file-server-status enable set pac-file-server-port 8080 next end
FortiProxy (web-proxy) # unset incoming-ip FortiProxy (web-proxy) # end
Go to the config system interface and edit port2:
FortiProxy(port2) # set ip 10.176.2.99 255.255.240.0 FortiProxy(port2) # end
Note:
Configure the back set incoming-ip once the IP address is changed on the Interface
