Hi Guys,
Attached is the existing network environment. Our objective is to replace the current transparent mode with Fortigate 92D. However, we encounter an issue where external traffic can't reach the server.
Appreciate if anyone can assist or guide on troubleshooting. Thanks
Existing Configuration:
- External traffic accessing the public server is routed by the Telekom switch to their internal Cisco L3 switch, which is controlled by VLAN 1 (Management VLAN) and 222, 223, 224, 225 (Server VLAN)
- The Cisco switch passes external traffic through to the transparent Juniper firewall for granular control on ports, connected using a trunk port that allows only VLAN 1 (attached is the Juniper configuration)
- Once traffic is filtered by the Juniper, it passes through another Cisco L2 switch to the destination server using the same trunk port, VLAN 1.
Deployment steps & issues encountered:
- IP Address 10.10.216.150 & GW 10.10.216.1
- Configure pairing port for “Internal & WAN1”
- Create 1 firewall rule as “ANY-ANY”
2. Shut down the interface connection for the Juniper and disable shutdown for the Fortigate port at the Cisco L3 switch
3. Internal communication between server and Fortigate didn’t have any issue, except for external traffic going internal and external.
4. Ping server internal IP (physical) and public IP (VM) and vice versa, including access to Fortigate GUI and SSH from server.
5. Configured VLAN interfaces with “forward-domain” enabled on each VLAN interface, with the same result: failed to access the server from external and internal using the public IP address
6. Issue still occurred even after applying settings based on Fortigate KB http://kb.fortinet.com/kb/documentLink.do?externalID=FD30083