Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor II

Not reply health check from GCP

Hi, I am thinking about why FortiGate-VM instance does not reply a health check on GCP.


I created FG-VM on GCP and have set local-in-policy and admin-profile(restricted address).
From GCP console, I can connect SSH and HTTPS on the IP of NW-LAN.
*Connect to C.C.C.C


However, trying connect on IP of the external LB is fail.(which is through LB(GCP))
*Connect to B.B.B.B A.A.A.A


PC --- Internet --- |GCP| --- (IP:A.A.A.A/x)LB --- (NW-LAN) --- (IP:B.B.B.B/x)FG-VM (--- (NW-GCP console)(C.C.C.C))
*FG-VM is a single.
*FG-VM is in an instance group with health check: TCP/80.
*A.A.A.A is a public IP of LB.
*B.B.B.B is a private IP of FG-VM.
*C.C.C.C is a public IP of FG-VM.(for GCP console)


You know when health check fails, we cannot connect to VM.
On the same structure, I created Apache and it works correct.


So, I suspect a listening port of FG-VM for health check is not work well.

Thank you for reading and I would like you to give me some advices if you have.




Hello Sawtom.
As I understand you are unable to connect to B.B.B.B from the NW-GCP console. Please correct me if I am wrong.
Also, I request you to go through the below link for the health check to verify the config

New Contributor II

Hello @knagaraju ,

Thank you for your quick comment and sorry I had a mistake.

I tried (and would like) to connect to A.A.A.A(LB/Global IP), not B.B.B.B. (just edited last post)

New Contributor II

I have an additional question.

Can I set a listening port on FortiGate-VM?

*For the health check on GCP.