We have deployed FortiGate in Active/Active in GCP between 2 load balancers (external & internal).
We are facing an issue with ingress traffic; in the External LB both Forti-VMs are healthy.
When a user from the internet tries to hit the external IP of the External LB, traffic is not hitting the Forti-VMs.
Issue got resolved.
We discovered that the problem was related to the FortiOS firmware. Firmware version 7.4.0 was causing traffic disruption; to address this issue, we downgraded the firmware version to 7.2.5.
I'm not sure if you've created a firewall rule in the inbound direction on GCP. Ref link: https://docs.fortinet.com/document/fortigate-public-cloud/7.4.0/gcp-administration-guide/390523/conf... You can also check the following GitHub link for FortiGate cluster setup (please note the following link shows setup for HA A-P): https://github.com/fortinet/terraform-google-fgt-ha-ap-lb
Yes, we have created a VIP & Security Policy.
I'm not referring to the VIP in FortiGate. I'm referring to the firewall rule in GCP itself to open the inbound port.
Yes, we have created an inbound rule in GCP as well.
For testing purposes we launched a Windows VM in the APP VPC and did VPC peering between the Trust VPC (FortiGate LAN interface) & the APP VPC. From the internet we are able to RDP to the Windows server.
We are facing the issue when traffic is coming via the Global Load Balancer.
Copyright 2023 Fortinet, Inc. All Rights Reserved.