I'm new to the Fortigate product and have been trialing the AWS offering. Things have gone ok but I have an issue with the firewall which I can't nut out. Any help would be appreciated.
- Fortigate Appliance has two interfaces: Public 10.0.5.93 & Private 10.0.217.79
- Public Interface also has an AWS EIP associated with it
- Two AWS routing tables have been created: Public & Private
  - Public: 0.0.0.0/0 routes to the AWS Internet Gateway (IGW)
  - Private: 0.0.0.0/0 routes to the Private interface
- (Both Public & Private interfaces can successfully ping external/public IPs/FQDNs)
- Test server sitting in the Private subnet. IP = 10.0.217.80
- Firewall rules:
  - From: Internal, To: Internal, Source: All, Destination: All, Service: All ICMP, NAT: Accept
  - From: Internal, To: Internal, Source: All, Destination: All, Service: HTTP, HTTPS, NAT: Accept
  - Implicit Deny in place and last in the order of rules
Problem Description
- Outbound traffic (HTTP, HTTPS, ICMP etc) initiated from the Test Server is unable to reach any external/public IPs/FQDNs
- Firewall Statistics counter for each rule showing traffic being processed by the relevant (ICMP, HTTP(S)) rule
Troubleshooting
- When enabling Explicit Policy and configuring a browser on the Test Server to use Fortigate's private interface as the proxy IP, HTTP(S) traffic successfully
- Explicit Proxy Settings is enabled on the Private interface
  - Network->Explicit Policy = default settings
  - Policy & Objects-> Explicit Proxy Policy is created with default setting - Source: All, Destination: All etc