Fortigate traffic sourced from wrong interface

Installed new Fortigate 61E’s, everything seemed to work as planned until I wanted to added Fortianalyzer for traffic analysis. Testing seemed to indicate that Fortianalyzer traffic was being sent out the WAN interface instead of the IPSEC tunnel. After searching around I found that a source ip needed to be set for traffic originating from the Fortigate for traffic like Fortianalyzer, syslog etc. The following config helped resolve.

config log fortianalyzer setting
set status enable
        set server x.x.x.x
set source-ip x.x.x.x
end

config log syslogd setting
     set status enable
     set server x.x.x.x
     set source-ip x.x.x.x

end

Leave a comment

Your email address will not be published.