Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

ZKTeco Biometrics - Port Forwading issue

Hi Respected Members,


I am facing issue with ZKTeco Biometrics machine port forwarding.
We did everything to make it work behind out firewall Fortinet 100E.
We make virtual IP : External to internal : TCP /UDP : 8080
we tested with nat enabled and disabled both not working.
rules properly configured. what can be the reason? 
I configured a new VIP object to forward port 8080 to my internal server but this did not work.
When i run some test i saw that the server itself is resetting the connection when the SYN came in.
i also tried to enable the Source NAT on the incoming policy in case the Server itself has some ACL not allowing traffic from external addresses but saw the same behavior.



You need to run the debug logs on the Fortigate with the below command and check whether the traffic is taking the correct policy and going out via the correct interface/gateway.

 diag debug flow filter addr x.x.x.x

diag debug flow show iprope enable

diag deb flow filter port 8080

 diag debug flow show function-name enable

 diag debug console timestamp enable

 diag debug flow trace start 1000

diag debug enable


If you are seeing the server rst logs in the Forward logs, means the server is sending the reset packet for the client trying to set up the connection.Kindly check on the server  whether the packets receives on the server side and what the response it is replying back.




Top Kudoed Authors