Hey ...
I have a virtual IP on FortiGate 81F. Using port 1444.
When I send traffic to the WAN interface on port 1444 it doesn't register at all on the FortiGate.
I have other VIPs that are working fine.
I have a corresponding FW rule for the port that uses the VIP ... also no hits.
What have I missed?
Kindly refer to this document as a guide to configure VIP with port forwarding: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Virtual-IP-VIP-port-forwarding-configurati...
Is your Fortigate running in Policy NAT mode or Central NAT mode?
Hi @nsharpley
As @jiahoong112 mentioned please verify the configuration of your Virtual IP first and if everything is fine there, you can run a diagnose sniffer command to see if the traffic matching the VIP is entering the firewall or not.
# diagnose sniffer packet any 'host <VirtualIP>' 4
If the traffic is not hitting the Firewall, then you need to examine the routing on your upstream devices. If the traffic is hitting the firewall, next step to perform a diag debug to see what happens with the flow.
https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/54688/debugging-the-packet-flow
Performing these steps will give you an idea with what is happening with the traffic.
Best Regards,
I am now getting hits on the VIP but the FW policy is still 0B.
Hi @nsharpley,
Please check your firewall policy and make sure source and destination are configured correctly.
Regards,
Will perform some flow debug next ... appreciate the tips folks, thanks.
Resolved now.
FW policy config error on my part, which I knew it would be, but the suggestions here were the guide.
Thanks.
Hi, how you have resolved? i have the same problem
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.