Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
PCNSE
NSE
StrongSwan
If a FortiGate interface IP address overlaps with one or more IP pool address ranges, the interface responds to ARP requests for all of the IP addresses in the overlapping IP pools.What Fortinet doesn' t mention explicitly is that the mere existance of an IP pool is sufficient, not it' s use in a policy.
PCNSE
NSE
StrongSwan
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
ORIGINAL: emnoc That' s interesting, so are we trying to duplicate ippools in one of the same local lan address space? If a FGT had numerous LANs is it going to handle Arp request for that pool across any LAN interface?How my setup worked: The target LAN was remote to the FGT. The outbound traffic went out without issue, but the return traffic on that same policy was intercepted by the IPpool.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
User | Count |
---|---|
2677 | |
1412 | |
810 | |
703 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.