I'm trying to send syslog messages from a fortigate (v6.2.3) to a local syslog server using ipv6. I have ipv6 connectivity confirmed between the fortigate and the syslog server on the same network segment. When I assign the syslog server's ipv6 address in the "Send logs to syslog" setting on the fortigate, the syslog messages do not reach the syslog server (confirmed via wireshark). If I switch that ipv6 address to the ipv4 address of the syslog server the message begin showing up at the syslog server.
I am wondering if I can only achieve this by first sending the syslog log messages to a Fortianalyzer rather than directly from the fortigate? I thought the Fortigate was supposed to be able to handle this, maybe I'm missing something?
I think the main question is whether you have ipv6 connectivity from FortiGate to FAZ. Can you ping the FAZ, do you have correct routing? In a packet cpature, does the packet leave the FG on the correct interface to FAZ? Is the FAZ configured with IPv6 and routing for IPv6?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.