Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
dalepros
New Contributor

Created on ‎06-25-2015 05:52 PM

fortigate routing

Guys

i need some advice to get around this issue. my wan connection is a ASA (A)which routes some POS traffic via my default router  which sends it to ASA(B) and to a server.now we are testing a fortigate on the network which we want to use for default internet traffic.

the dilema starts here ... when internet users use the POS the traffic comes in on the ASA (A) headed to the router and ASA (B) then the server.. the return traffic from ASA (B) will then go out to their internet through fortigate when it is implemented and there lies the problem.

sending the traffic from A directly to B i believe is an issue because of the stateful devices haven't tested but i cant afford too much down time..

how do i impliment without interrupting pos traffic?

   

- See more at: https://supportforums.cis...g#sthash.QIjFRnaY.dpuf

2984
0 Kudos
2 REPLIES 2
emnoc
Esteemed Contributor III

Created on ‎06-25-2015 07:57 PM

Sounds like you have to many devices in  the loop, but transparent mode sounds like what you need. Can you care to draft a simple diagram of the network and the POS devices layout? are these wire and wireless terminals?

 

If your POS subnet (s) is behind one router or ASA, I would look at a l2 transparent setup for the least interruption.

 

Just keep in mind;  "asymmertical routing buys you no benefit from a stateful inspection and possible other UTM features "

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
1735
0 Kudos
dalepros
New Contributor
In response to emnoc

Created on ‎06-26-2015 08:42 AM

hey em.. thanks for the response i like the idea... but in transparent mode i wont be able to use the other interfaces for any external facing devices is that correct? i have attached a logical diagram of what i have and what i percieve you have in mind

Drawing1.jpg
Preview file
32 KB
1734
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.