Hi, I've been attempting to set up a High Availability pair of virtual
Fortigate firewalls under AWS.
https://docs.fortinet.com/document/fortigate-public-cloud/7.6.0/aws-administration-guide/229470/deploying-fortigate-vm-active-passive-ha-aws-between-mu...
Hi, I've been recently looking into Fortinet's GuardDuty integration with
AWS https://github.com/fortinet/aws-lambda-guardduty
However it looks as if the lambda function is using a version of nodejs
no longer supported by AWS https://github.com/fortinet...
Hi, This is a question of using Fortigate in the context of allowing in
SIP traffic. But then getting the firewall to dynamically open and close
pinhole ports for RTP under AWS. To try and explain our setup first we
have an AWS EC2 instance that either re...
I don't think so because this is a virtual firewall running under AWS and
I don't think AWS supports VLANs or VLAN tagged packets. They do support
multiple ips for a given network interface, but I'm not sure if there's
a way to get the fortigate to se...
For the record I've also tried a couple of other approaches.
The first was a VIP approach.
Set up a secondary IP address on the WAN interface of the firewall.
In this case 10.40.81.238
Point the external IP that was associated with the SIP server (3.9.196.23...
The next thing I tried was attaching the elastic IP of 3.9.196.238 to
the WAN port of the firewall, then setting up a VIP. Unfortunately as I
suspected, AWS is doing DNAT or destination NAT on the packet before it
gets to the wan interface of the firew...
I've uploaded our current config below
https://github.com/Local-Hecatron-BCH/IVRLogs/blob/master/03-09-2024-15-25/FortiGate-VM64-AWS_7-2_1688_202409031510.conf
And this is the debug output
https://github.com/Local-Hecatron-BCH/IVRLogs/blob/master/03-09-...
In the case of AWS when you assign an elastic ip to any network
interface there's always a one to one NAT that takes place from AWS's
point of view before it reaches inside. So the Fortigate will always see
an internal IP hit its WAN port for the UDP ...