Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
PCNSE
NSE
StrongSwan
If a FortiGate interface IP address overlaps with one or more IP pool address ranges, the interface responds to ARP requests for all of the IP addresses in the overlapping IP pools.What Fortinet doesn' t mention explicitly is that the mere existance of an IP pool is sufficient, not it' s use in a policy.
PCNSE
NSE
StrongSwan
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
ORIGINAL: emnoc That' s interesting, so are we trying to duplicate ippools in one of the same local lan address space? If a FGT had numerous LANs is it going to handle Arp request for that pool across any LAN interface?How my setup worked: The target LAN was remote to the FGT. The outbound traffic went out without issue, but the return traffic on that same policy was intercepted by the IPpool.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.