For such stuff I always

Ritchie Nasayao · ‎03-25-2014

We have implementation of VCS control with VCS expressway within an internal leg of the Fortigate firewall with no dual NIC. We have NAT-ed virtual public IP for both inside the firewall. both VCS are in the same subnet (private IP and NAT-ed virtual public IP). Peer addressing for both NAT-ed virtual public IP is failing but both can definitely recognized their private IP.

Someone might have a similar experience in this kind of implementation. Please advise. Thank you.

Martin Koch · ‎03-25-2014

For such stuff I always recommend to make a drawing and incl further info like version numbers.

What do you mean by "no dual NIC". You do not have the option key or you have it but only use one interface?

If you try it without the dual interface option which is also needed to define the external IP
address it is not supported and no surprise that it fails.

If you have the dual nic option be aware that you have to define the external IP for that
interface and that signaling has to go to the external ip address and not the internal one.

VCS-C > SRC-NAT-VCS (optional) > EXTERNAL IP (VCS-E) > DST-NAT EXT> INT > INT VCS-E

Please remember to rate helpful responses and identify

Ritchie Nasayao · ‎03-25-2014

i have attached a drawing for illustration.

presently, we have no license for dual nic. we are trying to work with the firewall in this. we are looking for work around similar to this deployment.

renji joy · ‎08-07-2014

Hello There,

The issue got resolved can you please share your findings,

We are also facing the same issue.

VCS control and VCS expressway peer address failed