Hi everyone. I'm new to the Fortinet product family. I've recently implemented a FG100D for a customer. The ISP for this customer has a particular way of setting the WAN configurations. The WAN config for my interface has a private IP address. The default gateway is also a private address. To allow internet access for the users, I've defined a NAT rule so that traffic coming from the LAN hitting the default route will be NATed to the public IP. So far so good. The issue starts when I need the FortiGate to communicate with the rest of the outside world. I did have to dig around a bit to get information regarding these particular settings because, by default, the FortiGate assumes that the address for the WAN is public and reachable.
I've defined the following settings:
# get system source-ip status
The following services force their communication to use
a specific source IP address:
service=NTP source-ip=200.PUB.PUB.1
service=DNS source-ip=200.PUB.PUB.1
service=Fortiguard source-ip=200.PUB.PUB.1
service=Alert Email source-ip=200.PUB.PUB.1
This way the FortiGate is able to communicate and recognize the license, and it is working correctly. The issue comes when I want to use the FortiCloud reports. I receive an empty report by email every day. On FortiCloud it reports:
System Status
Management Tunnel is Down
And under the Management menu it says:
Config Management has not been enabled.
Enable Config Management
I don't seem to be able to find the source-ip settings for this specific service, if there are any, or if I'm doing something wrong.
Could someone look at this? Thanks.