- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SSH not answering through VIP
Hi guys,
i got some problem and i cant figure this out.
I have a virtual machine on server which will be a mail server in future. Ive created a VIP on Forti that is internal address mapped to public. It pings and is visible from outside but services are not responding at public address f.e. SSH port 25.I also added even port forwarding for all ports 1-65535 and it still doesnt answer. Anyone got an idea what to do? I can log in to machine from our internal network through SSH but i cant do the same when i try to log in to public address
- Labels:
-
FortiGate
- « Previous
-
- 1
- 2
- Next »
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @pprx ,
I hope your 2 VIPs do not have the same external IP.
1) Do not use the following if you have port forwarding enabled:
set extport 1-65535
set mappedport 1-65535
2) Run debug flow on port 22 to see why traffic is not being forwarded:
diag debug flow show iprope enable
diag debug flow filter port 22
diag debug flow trace start 20
diag debug enable
Then reproduce the issue to collect the outputs and show them here, please.
Jerry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@dingjerry_FTNTis right. You shouldn't have enabled port forwarding if you just want to forward all ports. But for your test purpose with SSH, you should remove the second one (original VIP) when you test the first SSH VIP. I was not sure what would happen when overlapping VIPs are configured.
Toshi

- « Previous
-
- 1
- 2
- Next »