Hi.
First off, I don't have much experience with Fortigate products and that's why we have IT support that deals with this.
However, they don't have much experience with BACnet.
This is the case:
- Closed "technical LAN" at remote site. No DHCP. IP range 10.0.0.0/24
- BACnet devices in this LAN connect to local BAS server in same IP range
- Site-to-site VPN tunnel established between a Fortigate firewall on remote site and a Fortigate 40E in our office
- Want to deploy BACnet hardware in our office for testing to BAS server on remote site.
- Tested with adding a BACnet device in our office. IP in 10.0.0.0/24 range
- Can reach device from remote site. Ping is OK
- Try to scan for BACnet devices from remote BAS server. Can't find it.
Any info missing or ideas on how we can make this work?
Thank you for any help.
Hi @Skagerak,
Which port number does the BAS server use to scan? We need to understand how it scans. If it is broadcast, it will not reach the other side of the tunnel. You can run debug flow to see the traffic: https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-First-steps-to-troubleshoot-connecti...
Regards,
Hi @hbac.
The BAS server uses default UDP port 47808 (BAC0 in hex).
I have also tried with YABE (Yet Another Bacnet Explorer) using the "BACnet/IP V4 &V6 over UDP" option with port: BAC0 and local endpoint: IP in local range.
I have tried this from both ends of the tunnel and searched for devices on the other end.
No device is found.
I am not very well versed in the underlying workings of BACnet so I don't really know how to answer your question correctly.
According to IT support, the tunnel should allow everything through.
I will forward your link to them.
Thank you for the quick answer.
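
Added example, not part of the thread and not Fortinet code: a small Python decoder for UDP 47808 payloads taken from a packet capture, which reports whether a discovery frame is a BVLC Original-Broadcast-NPDU (the broadcast case raised in the reply above) or a unicast frame. The function names and the sample frames are constructed for illustration.

```python
import struct

BACNET_PORT = 0xBAC0  # 47808, the default UDP port named in the thread
BVLC_FUNCS = {0x04: "Forwarded-NPDU", 0x09: "Distribute-Broadcast-To-Network",
              0x0A: "Original-Unicast-NPDU", 0x0B: "Original-Broadcast-NPDU"}
UNCONFIRMED = {0x00: "I-Am", 0x08: "Who-Is"}  # unconfirmed service choices

def build_who_is(broadcast=True):
    """Return a Who-Is frame (constructed sample, used here as decoder input)."""
    npdu = bytes([0x01, 0x20, 0xFF, 0xFF, 0x00, 0xFF])  # v1, DNET=0xFFFF, DLEN=0, hops=255
    apdu = bytes([0x10, 0x08])                          # unconfirmed request, Who-Is
    func = 0x0B if broadcast else 0x0A
    return struct.pack("!BBH", 0x81, func, 4 + len(npdu) + len(apdu)) + npdu + apdu

def classify(payload):
    """Decode the BVLC header and, where present, the unconfirmed service name."""
    if len(payload) < 4 or payload[0] != 0x81:
        raise ValueError("not a BACnet/IP (BVLC type 0x81) payload")
    func, length = payload[1], struct.unpack("!H", payload[2:4])[0]
    if length != len(payload):
        raise ValueError("BVLC length field does not match payload size")
    result = {"bvlc": BVLC_FUNCS.get(func, hex(func)), "service": None,
              "broadcast": func == 0x0B}  # 0x0B is sent to the local subnet broadcast
    if func not in BVLC_FUNCS:            # management message, no NPDU inside
        return result
    try:
        pos = 10 if func == 0x04 else 4   # Forwarded-NPDU carries a 6-byte origin address
        control = payload[pos + 1]        # NPDU: version byte, then control byte
        pos += 2
        if control & 0x20:                # DNET(2) + DLEN(1) + DADR(DLEN)
            pos += 3 + payload[pos + 2]
        if control & 0x08:                # SNET(2) + SLEN(1) + SADR(SLEN)
            pos += 3 + payload[pos + 2]
        if control & 0x20:                # hop count follows when DNET is present
            pos += 1
        if not control & 0x80 and payload[pos] >> 4 == 1:  # unconfirmed-request APDU
            result["service"] = UNCONFIRMED.get(payload[pos + 1], "other")
    except IndexError:
        raise ValueError("truncated NPDU/APDU") from None
    return result

if __name__ == "__main__":
    # Constructed I-Am from device instance 1, sent as unicast.
    i_am = bytes.fromhex("810a001401001000c4020000012201e091032100")
    for frame in (build_who_is(), build_who_is(False), i_am):
        print(frame.hex(), classify(frame))
```
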