Basics for my config:
FGT60Fx1 - Dynamic External Address (Comcast)
FMG VM - Internal address behind the FGT60Fx1
FGT60Fx2 - Dynamic External Address / CGNAT (T-Mobile Home Internet)
I am using FMG to configure both devices. I am trying to configure a VIP for FGT60Fx1's external port to allow inbound FMG traffic (ports: TCP 541, 542, 53, 80, 8888, 8889, 8900, 8890, 443, UDP 53, 8888, 8889 per https://docs.fortinet.com/document/fortimanager/7.6.0/fortimanager-ports/465971/incoming-ports). However, FortiManager won't allow me to use 0.0.0.0 / 0.0.0.0 as the "External" address. Since the external address will change at my provider's whim, how do I get around this? I do have DDNS setup, but that also didn't work when setting up the FQDN option as it continually tells me I need a change note, even though I've entered one. I've tried using 1 character, 5 characters, 50 characters, but the field says I haven't added a change note.
What is the trick to setting up VIPs in FortiManager (7.2.7 in this case)?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
Please refer to this article to configure VIP on Fortimanager:- https://docs.fortinet.com/document/fortigate/6.2.16/cookbook/70978/configuring-the-vip-to-access-the...
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1663 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.