Hi guys, I am not able to pull off a DNAT to access from external
internet access to my web service hosted in the server in private subnet
managed by fortigate. I am new into this networking area, could you guys
help me out? This is what I have been ...
I have a site to site vpn mounted with my private subnet (10.0.1.0/24)
and Teltonika router RUT951 subnet (192.168.10.0/24) which is connected
to internet through dial up (SIM Card Telcel). The site to site is up
and successfully running on phase1 an...
Hi @dingjerry_FTNT it absolutely works, turns out AWS handles x.x.x.101
mapping to 10.0.0.10 port1 ip, but fortigate is not aware of this, so
had to change external ip to 10.0.0.10 ip address... Also I had to
enable NAT in my policy because the priva...
Hi @DPadula, This is the output it displays, the output is basically
saying that no firewall policy is matched and only the rejected one at
the last matched? https://codeshare.io/Mkndop
@dingjerry_FTNT Got a winner! Turns out the problem was in the interface
of FGT port2 Source/dest check was enabled in AWS, this one did not
allow to do ping to other ips which are not inside the 10.0.1.0/24, I
just disabled this check, and now I got ...
Hi @dingjerry_FTNT, You are right, my bad there, here below I attach the
debug commands with corrected ip address filter. Fortigate CLI, this is
how it was looking even after doing "ping 192.168.10.1" Ping from
private server after running debug comm...
Hi @dingjerry_FTNT, Ran first debug commands into Fortigate CLI Then
Run ping from private server, and nothing was debugged into the fgt cli
terminal, it is not even reaching the interface port2 from FGT. Regards,