We are using our FortiGate 200F as an internal LB for some requests against a service.
What we are wondering is if it's possible to log data when forwarding traffic?
We can see successful re-routes in the Forward Traffic logs, like source and destination, but we can not determine what requests that relate to what re-route, for troubleshooting.
Ex.
A service sends a POST request with headers and body to an IP and port of a Virtual server with Round Robin.
External IP Address/Range | 10.0.10.100 |
External Service Port | 2003 |
Real Servers | 10.0.10.110:2003 10.0.10.111:2003 10.0.10.112:2003 10.0.10.113:2003 10.0.10.114:2003 10.0.10.115:2003 10.0.10.116:2003 10.0.10.117:2003 |
We need to be able to follow the request but are unable to determine what log relates to what request, and we get multiple requests a second.
Is there any way for FortiGate to log the data it re-routes?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
If I understand well you are looking for packet capture, right?
That looks about right, will test it out, thank you!
Created on 04-26-2024 06:39 AM Edited on 04-26-2024 06:45 AM
You can also use the diagnose commands:
FW # diagnose firewall vip
realserver Load balance real servers.
virtual-server Virtual-server diagnostics.
and for traffic sniffing:
diagnose sniffer packet any 'tcp and port 2003' 4 0 l
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.