Hi Team,
We have deployed fortigate in Active/Active in GCP between 2 load balancers (external & internal).
We are facing issue in ingress traffic, in External LB both Forti-VM is healthy.
When user from the internet try to hit external IP of External LB, traffic is not hitting to FOrti-VMs.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi Team,
Issue got resolved.
We discovered that the problem was related to Forti-OS firmware. Firmware version 7.4.0 was causing traffic disruption, to address this issue we downgraded the firmware version to 7.2.5.
Hello Mitesh,
I'm not sure if you've created firewall rule in inbound direction on GCP.
ref link: https://docs.fortinet.com/document/fortigate-public-cloud/7.4.0/gcp-administration-guide/390523/conf...
you can also check following GitHub link for Fortigate cluster setup (please note following link shows setup for Ha A-P).
https://github.com/fortinet/terraform-google-fgt-ha-ap-lb
Hello asoni,
Yes, we have created VIP & Security Policy.
Hello Mitesh,
I'm not referring VIP in fortigate. I'm referring firewall rule in GCP itself to open inbound port.
Hello Soni,
Yes, we have created inbound rule in GCP as well.
For testing purpose we launched windows-vm into APP VPC, done VPC peering between Trust VPC (Fortigate LAN Interface) & APP VPC. From internet we are able to perform RDP windows server.
We are facing issue, when traffic is coming via Global Load Balancer.
Hi Team,
Issue got resolved.
We discovered that the problem was related to Forti-OS firmware. Firmware version 7.4.0 was causing traffic disruption, to address this issue we downgraded the firmware version to 7.2.5.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.