Forum Discussion

hobbssj's avatar
hobbssj
Brass Contributor
Jan 06, 2021
Solved

question about Route tables and network virtual appliance

I'm setting up routing in Azure using a Network Virtual Appliance firewall.    I have all of the routing working to and from the virtual gateway to on perm, however I am struggling to configure the...
  • hobbssj's avatar
    hobbssj
    Jan 18, 2021

    ibnmbodji 

     

    Got this resolved, 

     

    the fortigate does not support mutiple interfaces in the same subnet, I ended up putting the interfaces in the host subnets and it worked. 

     

     

hobbssj's avatar
hobbssj
Brass Contributor
Jan 07, 2021

ibnmbodji 

 

We are using a fortigate Appliance 

 

Out design calls for all internet bound vnet traffic to be routed through the same interface. so the fortigate is using a firewall policy to receive traffic on the 10.0.1.5 interface and and send it out the 10.0.1.7 interface.

 

The 10.0.1.7 interface has a public ip attached to it

 

I have noticed that the traffic is being routed to the internet, it seems that is just not coming back

 

On each attempt I see the same three events in the firewall log 

 

Accept session start

Accept IP Connection Error 

Accept Session timeout 

 

Looking a bit further I see that the error indicates that the gate is not receiving a reply from the started session 

 

https://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD39321

 

Any chance this is similar to your issue?

  • hobbssj's avatar
    hobbssj
    Brass Contributor
    Jan 18, 2021

    ibnmbodji 

     

    Got this resolved, 

     

    the fortigate does not support mutiple interfaces in the same subnet, I ended up putting the interfaces in the host subnets and it worked. 

     

     

    • ibnmbodji's avatar
      ibnmbodji
      Iron Contributor
      Jan 18, 2021

      hobbssj 

       

      Awsome,  Thanks for the feedback 

Resources