I need support. I have an OpenVPN server on my network, and it's listening on the default port 1194, so I created a VIP from the public to the inside, but the VPN is not working. I have tried multiple ways but no luck, so I ran debug on the srcddrs and I see a TCP RST message.
edit OVPN
    set comment "OVPN"
    set extip 18.104.22.168
    set mappedip "22.214.171.124"
    set extintf "wan2"
    set color 12
FW policy:
    set srcintf "wan2"
    set dstintf "lan1"
    set srcaddr "all"
    set dstaddr "OVPN"
    set action accept
    set schedule "always"
    set service "ALL"
    set logtraffic all
wan2 is my secondary circuit, so I created a route policy for the return traffic
edit
    set input-device "lan1"
    set srcaddr "126.96.36.199"
    set dstaddr "all"
    set output-device "wan2"
UDP port-forward is already configured for port 1194:
edit "VIP"
    set extip 188.8.131.52
    set mappedip "184.108.40.206"
    set extintf "wan2"
    set portforward enable
    set color 12
    set protocol udp
    set extport 1194
    set mappedport 1194
Hi Graham, sorry for my late response. After long troubleshooting, I asked the customer how he is testing, and they are testing by telnet then the public IP:port number from Windows cmd -_- that is why I am seeing TCP instead of UDP. So after they started testing using their tool I was able to see the connection, but only in one direction: from the GUI policy usage there are only sent packets but none received from OpenServer.
id=20085 trace_id=952 func=print_pkt_detail line=5727 msg="vd-root:0 received a packet(proto=17, x.x.x.x:52633->220.127.116.11:1194) from wan2. "
id=20085 trace_id=952 func=init_ip_session_common line=5898 msg="allocate a new session-2c8e90d2"
id=20085 trace_id=952 func=fw_pre_route_handler line=181 msg="VIP-18.104.22.168:1194, outdev-wan2"
id=20085 trace_id=952 func=__ip_session_run_tuple line=3484 msg="DNAT 22.214.171.124:1194->126.96.36.199:1194"
id=20085 trace_id=952 func=vf_ip_route_input_common line=2621 msg="find a route: flag=00000000 gw-188.8.131.52 via lan1"
id=20085 trace_id=952 func=fw_forward_handler line=799 msg="Allowed by Policy-14:"
id=20085 trace_id=952 func=ipd_post_route_handler line=490 msg="out port1 vwl_zone_id 0, state2 0x301, quality 0. "
sniffer:
2023-01-31 05:16:55.844842 lan1 out x.x.x.x.52633 -> 184.108.40.206.1194: udp 21
This time I believe it's the server issue, not replying back.
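Added example, not part of the original posts: a small Python parser for the debug flow trace posted above. It pulls out the protocol number, VIP match, DNAT target, route and policy, and reports whether the packet was the wrong protocol (the telnet case described above) or was forwarded and is only missing a reply. The `TCP_TEST` line is constructed for illustration, and the expected protocol of 17 (UDP) is an assumption taken from the posted `set protocol udp` VIP.

```python
import re

# Trace lines copied from the post above (addresses exactly as posted).
TRACE = '''\
id=20085 trace_id=952 func=print_pkt_detail line=5727 msg="vd-root:0 received a packet(proto=17, x.x.x.x:52633->220.127.116.11:1194) from wan2. "
id=20085 trace_id=952 func=init_ip_session_common line=5898 msg="allocate a new session-2c8e90d2"
id=20085 trace_id=952 func=fw_pre_route_handler line=181 msg="VIP-18.104.22.168:1194, outdev-wan2"
id=20085 trace_id=952 func=__ip_session_run_tuple line=3484 msg="DNAT 22.214.171.124:1194->126.96.36.199:1194"
id=20085 trace_id=952 func=vf_ip_route_input_common line=2621 msg="find a route: flag=00000000 gw-188.8.131.52 via lan1"
id=20085 trace_id=952 func=fw_forward_handler line=799 msg="Allowed by Policy-14:"
id=20085 trace_id=952 func=ipd_post_route_handler line=490 msg="out port1 vwl_zone_id 0, state2 0x301, quality 0. "
'''
# Constructed line: what a telnet (TCP, proto=6) test to the same port would look like.
TCP_TEST = 'msg="vd-root:0 received a packet(proto=6, x.x.x.x:50000->220.127.116.11:1194) from wan2. "'

PATTERNS = {
    "packet": r'received a packet\(proto=(\d+), (\S+)->(\S+)\) from (\w+)',
    "vip":    r'msg="VIP-([\d.]+:\d+)',
    "dnat":   r'msg="DNAT (\S+)->([\d.]+:\d+)"',
    "route":  r'find a route: \S+ gw-\S+ via (\w+)',
    "policy": r'Allowed by Policy-(\d+)',
}

def summarize(trace):
    """Return the captured groups for each stage, or None if the stage is absent."""
    found = {}
    for name, pattern in PATTERNS.items():
        m = re.search(pattern, trace)
        found[name] = m.groups() if m else None
    return found

def diagnose(trace, expected_proto=17):
    """Name the first stage where the trace departs from a forwarded UDP flow."""
    s = summarize(trace)
    if s["packet"] is None:
        return "no packet seen on the external interface"
    proto = int(s["packet"][0])
    if proto != expected_proto:
        return f"client sent proto={proto}, expected proto={expected_proto}: test tool uses the wrong protocol"
    if not (s["vip"] and s["dnat"]):
        return "packet did not match the VIP"
    if not s["policy"]:
        return "VIP matched but no policy allowed the packet"
    via = s["route"][0] if s["route"] else "unknown interface"
    return f"forwarded to {s['dnat'][1]} via {via} by policy {s['policy'][0]}: check for replies from the server"

if __name__ == "__main__":
    print(diagnose(TRACE))
    print(diagnose(TCP_TEST))
```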