All documentation for a number of Fortinet devices states that the "Fortinet Distribution Servers" are accessed to download things like FortiGuard engine and definition updates.
I need to permit traffic from my Fortinet device (FortiMail) to the Fortinet Distribution Servers, through my perimeter firewall.
I can see that TCP 443 and UDP 53 need to be permitted, but where to? There is no reference to a specific destination.
What is the IP address or FQDN of these Fortinet Distribution Servers?
Try to contact support for the correct FQDN, but here's a method for getting the list:
http://socpuppet.blogspot.com/2015/10/howto-determine-if-your-fortinet.html
Also, since these servers require peer certifications, try to set a fwpolicy with no SSL inspection.
PCNSE
NSE
StrongSwan
Copyright 2024 Fortinet, Inc. All Rights Reserved.