Connect Fortigate to a remote FortiAnalyzer

5q46n2te8jPWJY · ‎06-02-2024

Hello,

I'm trying to connect my FortiGate to FortiAnalyzer.

Diagramme sans nom.drawio2.png

My FortiAnalyzer(10.10.0.3) VM is in VLAN 10, directly connected to FortiGate A (10.10.0.254). I successfully connected FortiGate A to FortiAnalyzer.

My problem is with FortiGate B. I created an IPsec tunnel between FortiGate A and FortiGate B and created rules (any to any) to allow traffic between VLAN 10 (A) and VLAN 40 (B), but I can't contact FortiAnalyzerfrom FortiGate B (10.40.0.254).

On Fortigate B, if I want to ping FortiAnalyzer, I have to execute ping-options source 10.40.0.254. If I don't, it don't ping...

Do you have any ideas?

Thanks !

ozkanaltas · ‎06-02-2024

Hello @5q46n2te8jPWJY ,

Did you try to configure the source IP address on the FortiAnalyzer configuration?

config log fortianalyzer setting
set source-ip 10.40.0.1
end

And also can you see 514 packages on FortiGate A?

You can check that with this command.

diagnose sniffer packet <IPSEC_NAME>

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW

View solution in original post

ozkanaltas · ‎06-02-2024

Hello @5q46n2te8jPWJY ,

Did you try to configure the source IP address on the FortiAnalyzer configuration?

config log fortianalyzer setting
set source-ip 10.40.0.1
end

And also can you see 514 packages on FortiGate A?

You can check that with this command.

diagnose sniffer packet <IPSEC_NAME>

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW

5q46n2te8jPWJY · ‎06-02-2024

You rock !

Setting source IP did the trick.

Have a nice day !

Connect Fortigate to a remote FortiAnalyzer

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website