Issue related to application licensing in a different VLAN
I am using an FGT400E and I am facing an issue with an application named "Tally", which is used for accounting purposes. This application server is installed on a server with IP 192.168.1.2/24, port 9999, and works fine in the same network [VLAN 1].
But if I want to shift this server to the DMZ with a different IP, 22.214.171.124/28 [VLAN 61], and want to access it from IP 192.168.1.x/24 [VLAN 1], it can't be accessed, and gives the error "Client system is not directly connected to the same LAN where license server is connected. License server cannot serve the license for this client."
I researched the application licensing model and found that the application server uses the broadcast domain for licensing, which is UDP. Do I need a separate Cisco router to extend the LAN and use ip helper-address? Please help me to get this connected through the FortiGate only, as I want to use it through other VLANs and VPN also.
The quick and dirty answer would be to create a policy from that new subnet just to the server, and enable NAT on the policy. This will force connecting traffic to use the IP interface of the FortiGate which is on the same IP subnet as the server. Place this policy above any others between the two subnets. Policies are used on a top-down, first-come, first-served basis. Best practice is to place the more concise policies at the top and the general ones at the bottom.
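The policy described in the answer above, written out as FortiOS CLI. This is an added example, not configuration posted in the thread. The interface names (`VLAN1`, `VLAN61`), the object names, policy ID 100 and the use of port 9999 on both TCP and UDP are assumptions, and `<existing-policy-id>` is a placeholder for the general policy already sitting between the two subnets.

```fortios
# Added example. Interface names, object names and policy ID 100 are assumptions.
config firewall address
    edit "Tally-Server"
        set subnet 22.214.171.124 255.255.255.255
    next
    edit "VLAN1-Clients"
        set subnet 192.168.1.0 255.255.255.0
    next
end
config firewall service custom
    edit "Tally-9999"
        # Assumption: port 9999 is opened on both TCP and UDP.
        set tcp-portrange 9999
        set udp-portrange 9999
    next
end
config firewall policy
    edit 100
        set name "VLAN1-to-Tally-NAT"
        set srcintf "VLAN1"
        set dstintf "VLAN61"
        set srcaddr "VLAN1-Clients"
        set dstaddr "Tally-Server"
        set action accept
        set schedule "always"
        set service "Tally-9999"
        # Source NAT to the FortiGate's own address on the outgoing (VLAN 61) interface.
        set nat enable
        set logtraffic all
    next
    # Place the narrow policy above the general one between the two subnets.
    move 100 before <existing-policy-id>
end
```

With NAT enabled the server sees every client as the FortiGate's VLAN 61 address, so per-client attribution has to come from the FortiGate traffic log rather than from the server's own logs.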
We have a FortiGate 100D firewall where our Tally is behind the core switch, but Tally is 192.168.10.x and its gateway is the core switch, and the default gateway for the core is the firewall; it's the 192.168.1.x mgmt network. Here my SSL VPN users are connected to the Tally segment but cannot access Tally if I enable NAT and set the dynamic IP as the Tally segment.