New to Fortigate - odd firewall issue



I'm new to the Fortigate product and have been trialing the AWS offering. Things have gone ok but I have an issue with the firewall which I can't nut out. Any help would be appreciated.



  • Fortigate Appliance has two interfaces: Public & Private
  • Public Interface also has an AWS EIP associated with it
  • Two AWS routing tables have been created: Public & Private
      • Public: routes to the AWS Internet Gateway (IGW)
      • Private: routes to the Private interface
  • (Both Public & Private interfaces can successfully ping external/public IPs/FQDNs)
  • Test server sitting with Private subnet. IP =
  • Firewall rules:
      • From: Internal, To: Internal, Source: All, Destination: All, Service: All ICMP, NAT: Accept
      • From: Internal, To: Internal, Source: All, Destination: All, Service: HTTP, HTTPS, NAT: Accept
      • Implicit Deny in place and last in the order of rules


    Problem Description

  • Outbound traffic (HTTP, HTTPS, ICMP etc) initiated from the Test Server is unable to reach any external/public IPs/FQDNs
  • Firewall Statistics counter for each rule showing traffic being processed by the relevant (ICMP, HTTP(S)) rule


  • When enabling Explicit Policy and configuring a browser on the Test Server to use Fortigate's private interface as the proxy IP, HTTP(S) traffic successfully
  • Explicit Proxy Settings is enabled on the Private interface
  • Network->Explicit Policy = default settings
  • Policy & Objects-> Explicit Proxy Policy is created with default setting - Source: All, Destination: All etc





