Hi to all!
Im coming here to ask your help
I have some VIP's and vpn ssl limited with GEOIP objects, it worked fine for long time, but in the lasts weeks this stop working and is allowing the post to be reached from anywhere and now im getting expose to bruteforce attacks and scanners constantly
I doble check the address object and rules, they are "ok", also check the geo database is updated and if i check the "diag geoip geoip-query" or "diag geoip ip2country" they are correct, the coming ip are from country i have bloqued.
Anyone experience this?
Regards
Hi Waxon
Which FortiOS release?
Try remove GeoIP object from the policy, validate, then add it back and validate again.
and in the policy using a VIP, you have
"set match-vip enable"
?
otherwise, the local-in policy will not have any effect on VIP policies.
There's a couple of KB articles on this topic, as well as recent forum posts.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.