I know I can DENY all outbound DNS traffic to port 53 tcp/udp and then
just add an allow for our vendor's DNS servers. However, my vendor
recommends redirecting all DNS traffic - which does sound like a more
elegant solution if the FortiOS can handle...

I have a number of sites connected via site-to-site interface-based VPN
tunnels. The connections are via a fiber network that we don't control
the inbound internet traffic on. I have one site that also has a DSL
link on WAN2. What I'd like to be ab...

Thanks for the reply. I've attached a diagram of what I'm
trying to accomplish. Environment: - 5 sites connected via site-to-site
IPSec tunnels on their WAN1 IFCs, configured in interface mode. We can
access the internet via the fiber network that...

I've collected some info via debug flow, hopefully this will help in
making things clearer: The firewall rule is as such: SRCIFC = WAN2
SRCADD = All DESTIFC = INTERNAL DESTADD = VirtualIP (10.193.128.18,
mapping p9110 to 9100) Debug output: XXX-FW1 ...