|
Network topology in FortiGate Transparent mode:
Source IP :163.27.3.39
Destination IP: 34.83.44.187
163.27.3.39 - x3(163.27.3.0) - FortiGate (Transparent mode) - x4(163.27.3.0) - 34.83.44.187
Investigate the session details by the commands below:
diagnose sys session filter dst 34.83.44.187 <----- destination IP address.
diagnose sys session filter src 163.27.3.39 <----- Source IP address.
diagnose sys session list
session info: proto=6 proto_state=01 duration=26 expire=3573 timeout=3600 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
origin-shaper=
reply-shaper=
per_ip_shaper=
class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/0
state=log may_dirty br npu f00
statistic(bytes/packets/allow_err): org=92/2/1 reply=52/1/1 tuples=2
tx speed(Bps/kbps): 0/0 rx speed(Bps/kbps): 0/0
orgin->sink: org pre->post, reply pre->post dev=33->34/34->33 gwy=0.0.0.0/0.0.0.0
hook=post dir=org act=snat 163.27.3.39:53293->34.83.44.187:443(163.27.3.251:53293) <----- The source IP address has been done by the source NAT option as the Transparent mode manage IP address.
hook=pre dir=reply act=dnat 34.83.44.187:443->163.27.3.251:53293(163.27.3.39:53293)
pos/(before,after) 0/(0,0), 0/(0,0)
misc=0 policy_id=1 pol_uuid_idx=2019 auth_info=0 chk_client_info=0 vd=1 <----- Matched the policy rule id 1.
serial=04b4edff tos=ff/ff app_list=0 app=0 url_cat=0
rpdb_link_id=00000000 ngfwid=n/a
npu_state=0x000c00 ofld-O ofld-R
npu info: flag=0x81/0x81, offload=8/8, ips_offload=0/0, epid=91/90, ipid=90/91, vlan=0x0000/0x0000
vlifid=90/91, vtag_in=0x0000/0x0000 in_npu=1/1, out_npu=1/1, fwd_en=0/0, qid=0/4
total session 1
config firewall policy
edit 1 <----- Policy ID 1.
set uuid 4d8232e0-bb30-51ee-d15b-8fe278785cfa
set srcintf "x3"
set dstintf "x4"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "OUT-02-DMZ to UnTrust Advance"
set logtraffic all
set nat enable <----- Disable the 'nat' option and clear the current session to get the expected results.
next
|
