Hey, In FortiManager, rules have "Incoming Interface" and "Outgoing
Interface" fields, which are, among other fields, used to classify if a
packet for matching a ruleWhile the incoming interface is naturally
known as a packet enters the FW, the outgo...
Hey. AFAIK, if I have a rule with "Virtual IP" object in its
destination, and the action is "Accept" - if this rule matches,
effectively the gateway performs destination NAT, translating the
external IP in the associated "Virtual IP" object to the "M...
Thanks for responding.Sure there's destination IP in the rule, it's the
Virtual IP object - the question was related to outgoing interface.In
order to know the outgoing interface, there first should routing lookup,
but in case of destination NAT, the...
No, I just wanted to clarify the behavior of rule with VIP object and
"Deny" action, and it's now clear.It'll be like any other deny rule that
has some address object in the destination - only the external IP of the
VIP object is considered for match...
