03-25-2014 04:23 AM - edited 03-18-2019 02:47 AM
We have an implementation of VCS Control with VCS Expressway within an internal leg of the Fortigate firewall with no dual NIC. We have a NAT-ed virtual public IP for both inside the firewall. Both VCS are in the same subnet (private IP and NAT-ed virtual public IP). Peer addressing for both NAT-ed virtual public IPs is failing, but both can definitely recognize their private IPs.
Someone might have a similar experience in this kind of implementation. Please advise. Thank you.
03-25-2014 06:31 PM
For such stuff I always recommend making a drawing and including further info like version numbers.
What do you mean by "no dual NIC"? You do not have the option key, or you have it but only use one interface?
If you try it without the dual interface option, which is also needed to define the external IP address, it is not supported and no surprise that it fails.
If you have the dual NIC option, be aware that you have to define the external IP for that interface and that signaling has to go to the external IP address and not the internal one.
VCS-C > SRC-NAT-VCS (optional) > EXTERNAL IP (VCS-E) > DST-NAT EXT> INT > INT VCS-E
03-25-2014 08:24 PM
08-07-2014 05:13 AM
Hello There,
The issue got resolved; can you please share your findings?
We are also facing the same issue.