Da7thSon
New Contributor

Transparent mode broken after upgrade

Hi all,

 

I have a FortiGate 80C which I've had for some time and have gone through version 5.0 and 5.2 and all worked fine until I upgraded to 5.4.

 

The configuration was that I have an internet-facing router with IP address x.x.x.78 /29. 2 vDOMs. The 1st was just the root vDOM running NAT, so nice and simple, with a public IP x.x.x.77 /29. The 2nd vDOM was set in transparent mode with 1 interface in the public and the other in a public DMZ which has servers in the public range (for example x.x.x.76). The policies for the transparent vDOM were very simple, as it was inbound port 80 and 443 etc. and pretty much allow all out.

 

I upgraded the FortiGate to 5.4.5 and all of a sudden the transparent vDOM just stopped forwarding packets (the root NAT vDOM works fine). I've deleted the vDOM in question and tried recreating it and it still doesn't work. I've upgraded to 5.6.0 and it still doesn't work. I've created the policies with any any all in both directions and it doesn't work.

 

If I enable ping on the internal and external interface on this vDOM, I can ping from the servers to the management IP address of the vDOM and can also ping that management IP address from the external. It will not pass traffic.

 

Please, can someone help, as I am completely out of ideas?

ede_pfau
Esteemed Contributor III

Not a solution yet but a tip: have you checked the "What's New in FOS 5.4" doc on docs.fortinet.com? Might have something to do with NAT handling, central NAT, ... just guessing at the moment.


Ede

"Kernel panic: Aiee, killing interrupt handler!"