Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
arifkiziltepe
New Contributor

Can not access Virtual server IP in LAN

Hello,

I installed multi-server zimbra for mail system. I have 2 ldap, 2 mailbox, 2 MTA and 2 proxy servers in my cluster.  The servers have LAN IP addresses but it serving with global IP and domain. I’m using Fortigate Virtual Server for load balancing and redirect. The system works exactly as I want.  I haven’t any connection problem from accessing the global internet. But I have "connection timed out" error in LAN when trying to access the domain. I haven't figured out where I went wrong yet. Here is an example, my virtual server settings. Thanks for helping :)

 

Virtual Server (18X.XXX.XXX.XX6) mapped to Real Servers (1XX.XXX.XXX.XX0 and 1XX.XXX.XXX.XX1). Global access is OK but the server or client(in LAN) cannot access the virtual Server IP or domain.

 
3 REPLIES 3
rwpatterson
Valued Contributor III

This had happened to me in the past many, many years ago. I had to do some weird configuration to get it to work. If I can recall, I believe I made a policy from the inside LAN to the outside interface with the target destination the internal IP address. I know it looks stupid, but if I recall it did the trick. Give that a whirl.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

arifkiziltepe

Hello,

Thanks for replying, I think I already have. Would you check ?

 

[link]https://ibb.co/x3Drc6F[/link]

rwpatterson
Valued Contributor III

Looks to be so. I'm out of ideas. What does a trace route get you?

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com