Hello
I have problem with connection to my Analyzer and Security Fabric, since i'm new in this i will try to explain best i can.
I have 5 devices on 3 different locations:
1. Fortigate 2x 100E in HA with firmware 6.4.0 on my hq and Forti Analyzer 200F with os 6.2.5
2. FortiGate 30E with firmware 6.2.4 on my remote site 1
3. FortiGate 30E with firmware 6.2.4 on my remote site 2
So first thing i'v done i connect 100E HA with 200F for log collection
Than i set up VPN site to site wizzard with FG30E on site 1 , VPN is up Fabric connection is on, my Analyzer see FG30E but log status down. I'v checked policies, and VPN polices are nat off, service set to all, and none security profiles. Routings are fine.
Second thing i'v done i connect remote site 2 FG30E with 100E similar as site 1. VPN Tunel is up, Fabric connection cannot connect, and Analyzer 200F dont see device , but i can ping it from console. And i'm stuck here.
Both side lans see my HQ Servers, communication works perfect beetwen my sites.
Whats the difference ?
In all casses i use VPN to comunicate only with my Servers LAN on my HQ, internet for those sites are from 2 different ISP
Site1 is using wan configured as PPPoE and, LAN as hardware Switch on ports 1-4. (Static route entrys are only from VPN wizzard)
Site2 is using wan as static ip, LAN - port1 with 2 vlan networks (VPN is from one Vlan to HQ).
In addition to site1, i need to add static route since i'm using static ip wan <0.0.0.0/0:"gateway ip":interface wan> )
Also i'v checked policies on my HQ 100E, and everything is as it should be acording to coockbooks, tutorials etc.
Can You please help me, what i'm missing ?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Sorry if i write like insane it's not my mother language.
So what i have done, i try console comand on my FG30E site2
config log fortianalyzer setting
set source-ip to my vlan int ip and now forti analyzer add this device.
So one problem is behind me.
Still i have problem with connecting to security fabric to my FG100E from Site2.
Fortianalyzer show me "log status of" on my site1 and site2 FG.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.