Hello
I just replaced my old FortiGate 100 with a new FortiGate 90D and there are still a few things that behave differently than before.
When I’m connected to my FortiAP with a phone I’m unable to retrieve mail from my internal mail server, or any other internal servers by name, but I can access external sites. My phone is on “wireless” interface 10.10.10.10/255.255.255.0 and my servers are on “internal” interface 192.168.1.254/255.255.255.0
Perhaps related to this, or not, the desktops on my LAN are able to reach external websites, but are unable to reach sites on internal servers by FQDN (eg: [link]http://apps.domain.com/bigtime).[/link] They can reach sites on internal servers by UNC (//whitney/bigtime)
I have a feeling I need some additional policies. Any ideas?
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Thanks Ede, Dave
I'm using the VIP as the destination address as this article advises. I wanted to avoid using external IPs from the LAN, but even with a local record for mail that resolves to the server's internal IP, things on the LAN seem to insist on using the external IP. So until that's resolved I needed at least a temporary solution.
Now, similarly, my wireless users can't sync mail (unable to reach our server's external IPs) while connected to our FortiAP, but I'll post that to the wireless forum.
Thanks again
The wireless problem was resolved by switching to bridge from tunnel mode so the wifi users are on the internal subnet. I thought it would work the other way with my wireless -> internal and wireless -> external policies.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.