I'm having a weird issue with accessing a public-facing website after replacing my old Fortigate 200D with a 200F.
I have multiple VDOMs that have a few public-facing websites. VDOM A has a website and VDOM B has two websites. After replacing the Fortigate, I can't seem to access the two websites on VDOM B. I have no issue accessing the website on VDOM A from outside. The main difference between the two VDOMs is that they have a different DIA to the Internet. I'm not sure what is causing the issue. I thought the issue was my switch that is sitting in between the Fortigate and the Internet provider. I don't see anything strange in there. It is doing L2. Any suggestions? I had to back out and put the old 200D in there to have the network back.
I hope the configuration migration has been done using the FortiConverter tool. We need to check if the request for websites in VDOM B from the external network is reaching the firewall and if the firewall is dropping it.
You can use the below command to check if the traffic is reaching the firewall first:
diag sniffer packet any 'host x.x.x.x and host y.y.y.y' 4 0 a
(You can replace x.x.x.x with the client public IP and y.y.y.y with the server IP.)
If the traffic comes in and it is not forwarded, we can cross-check whether the traffic is getting dropped.
In case anyone needs to know what happened, the issue was resolved after issuing the failover status set command to force a changeover. I'm not sure of the reason why. I'm afraid to change back to the other unit.