Hi all!
I have a rare issue, let me explain:
I have 2 server on different network,
Server 1 the packets coming from port5
Server 2 the packets coming from a VLAN SERVERS on port6
The FortiOS is 4.0MR3 Patch 15
FGT 3950B
When i ping Server 1 to SErver 2, the packets dont pass the FGT, they are blocked with the next output on diagnose flow:
id=36871 trace_id=281 msg=" vd-root received a packet(proto=1, 10.22.50.2:26200->10.22.11.8:8) from port5."
id=36871 trace_id=281 msg=" allocate a new session-04d3edfa"
id=36871 trace_id=281 msg=" find a route: gw-10.22.11.8 via WWW-EXT"
id=36871 trace_id=281 msg=" Denied by endpoint check"
The policies are empty, not filtering services or using any UTM. (all, all, any, any)
But if i ping from another network on port1 with the same policies (all all) its ok! The server is responding icmp, and if i ping from fgt the server response.
Any ideas?
Thank you