Policy Counter not working
External Public IP addresses range in configured as a secondary range on one of the fortigate interfaces.
We took one IP from that range and configured it as a Virtual Server LB to 4 internal servers exists behind another interface.
See topology attached.
Then we configured 2 policies:
1- from interface 1 to interface 2 to IP 220.127.116.11. (18.104.22.168 as IP address object , NOT virtual server)
2- from interface 2 to interface 3 to the virtual server 22.214.171.124
we see counter/policy hits on policy number 2
but we don't see counter/policy hits on policy number 1
we thought at first that we don't need policy 1 , but after deleting it , no one was able to connect to the virtual server.
So policy 1 is necessary but it is not showing counter and no logs showing in fortianalyzer/diag debug regading policy 1
should the counter work and maybe this is a bug ?
or it should not work ...
Can anyone explain this to me ?