Hello. I need to link the Fortigate with the FortiAuthenticator through VPN. I created a site-to-site tunnel, everything works, hosts communicate between sites, but fortigate sends its local traffic from the wan interface (public address). What should I do to connect Fortigate and FortiAuthenticator?
the tunnels are in policy mode diagnose debug flow: id=20085 trace_id=398 func=ipsec_output_finish line=525 msg="send to public_address_site1 via intf-port10" id=20085 trace_id=399 func=print_pkt_detail line=5363 msg="vd-root received a packet(proto=6, public_address_site1:7158->local_address_site2:8000) from local. flag [S ], seq 1012248423, ack 0, win 13980" id=20085 trace_id=399 func=init_ip_session_common line=5519 msg="allocate a new session-00021e79" id=20085 trace_id=399 func=ipsecdev_hard_start_xmit line=178 msg="enter IPsec interface-vpn_interface_name" id=20085 trace_id=399 func=esp_output4 line=891 msg="IPsec encrypt/auth
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Under 5.4.x at least, after you have made the changes under Log Settings to send logs to the FortiAnalyzer IP (it won't connect successfully yet). Then from the CLI:
config log fortianalyzer setting
set source-ip <FortiGate Internal IP>
You'll need to have your routes and security policies defined to allow this.
Under 5.4.x at least, after you have made the changes under Log Settings to send logs to the FortiAnalyzer IP (it won't connect successfully yet). Then from the CLI:
config log fortianalyzer setting
set source-ip <FortiGate Internal IP>
You'll need to have your routes and security policies defined to allow this.
Thanks
i found this option
config user fsso edit "NAME" set server "xx.xx.xx.xx" set source-ip xx.xx.xx.xx
end
Ah, sorry, misread FortiAuthenticator as FortiAnalyzer. Looks like you found the solution anyway!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.