Hi to all!
Im coming here to ask your help
I have some VIP's and vpn ssl limited with GEOIP objects, it worked fine for long time, but in the lasts weeks this stop working and is allowing the post to be reached from anywhere and now im getting expose to bruteforce attacks and scanners constantly
I doble check the address object and rules, they are "ok", also check the geo database is updated and if i check the "diag geoip geoip-query" or "diag geoip ip2country" they are correct, the coming ip are from country i have bloqued.
Anyone experience this?
Regards
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi Waxon
Which FortiOS release?
Try remove GeoIP object from the policy, validate, then add it back and validate again.
and in the policy using a VIP, you have
"set match-vip enable"
?
otherwise, the local-in policy will not have any effect on VIP policies.
There's a couple of KB articles on this topic, as well as recent forum posts.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.