Hi!
I have a FortiGate 50E for home use.
I got fibre Internet last week, so a new provider.
Looks like my provider is NATing, because the IP on WAN1 I get via DHCP from them (100.74.0.x) is different than the public IP, I get when I look with WhatIsMyIP (185.246.22.x).
I got in touch with the provider, they said all ports should be open for me, so I should reach my servers behind it.
The problem is, looks like nothing is reaching my Forti, when I ping my public IP and sniff with "diag sniffer packet wan1 icmp" I don't see my pings. But I get an answer on the device I send the pings from, so looks like something from my provider is answering them.
I also configured a SSL VPN + Policy on my Forti, it says it's listening on the WAN1 IP (100.74.0.x) on port 10443, but is not reachable from outside, only in my own network.
So I thought probably because it thinks there is no NAT from the provider, so the other IP should reach it.
I made a VIP, that listens on the public IP (185.246.22.x) and forwards 10443 to the wan1 IP (100.74.0.x), sadly still not working.
Do you guys have any idea, is it because the provider nat / problem on their site?
Any troubleshooting I can try?
I'd love to get some useful advice and bring my docker cluster + VPN finally back online. :)
Kind regards,
Markus
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello Markus,
My my consider to deploy FortiGate in the cloud and perform test below:
- ping cloud VM from FortiGate 50E and sniff traffic on cloud VM in order to verify whether NAT is performed by ISP
- telnet from cloud VM to 100.74.0.x and 185.246.22.x and sniff traffic on FortiGate 50E in order to verify whether FortiGate 50E is reachable/DNAT is performed
Hi!
Thanks for your answer, I'm not sure if I can do that, since the Forti in registered in the name of the company I work for, I'm just allowed to use it as my home device until I get one cheap with the employee discount (we are fortinet partner).
Do you have any other way I can check that?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1705 | |
1093 | |
752 | |
446 | |
230 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.