Hi guys,
I've got a web server/domain hosting server on my DMZ port on my FG80C. IT was all working with DNS, SMTP, HTTP/HTTPS/SSH etc configured with VIPS and a policy to allow them to the server. Now only SMTP port 25 is getting though and nothing else????? I don't see any deny attempts but do see strange bittorrent application on inbound connections????
Could someone lend a hand? I've made no changes to the rules and web server works perfectly locally all its ports resolve. But external only port 25 works?????
Regards,
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Deeper troubleshooting reveles ports 53 and 22 don't seem to work. The rest of the services do. The config for ports 53 and 22 are in the same policy as the rest.
Is there a way I can see in what rules or VIPS via CLI use port 53? As Im running also a Nameserver on this server I really need port 53 to be working.
Locally on the server port 53 is accessible and BIND is resolving everything hosted on the server.
Something on the Fortigate is blocking port 53 and port 22??????? Running:
diagnose sys tcpsock | grep 0.0.0.0
shows listening on port 53
0.0.0.0:53->0.0.0.0:0->state=listen err=0 sockflag=0x1 rma=0 wma=0 fma=0 tma=0
Right. Problem was the darn ISP changing DNS settings and putting in a filter without telling me.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1634 | |
1063 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.