Created on 02-24-2005 12:00 AM Edited on 12-16-2021 09:23 AM
Article
Description |
The procedure for enabling push updates when the FDN (FortiGuard Distribution Network) connects to the FortiGate unit through a NAT device did not specify that push updates use UDP protocol. For your convenience, the updated procedure is provided below. | ||||||||||||
Procedure |
Enabling push updates through a NAT deviceIf the FDN can connect to the FortiGate unit only through a NAT device, you must configure port forwarding on the NAT device and add the port forwarding information to the push update configuration. Using port forwarding, the FDN connects to the FortiGate unit using UDP on either port 9443 or an override push port that you specify. Note: You cannot receive push updates through a NAT device if the external IP address of the NAT device is dynamic (for example, set using PPPoE or DHCP). General procedure Use the following steps to configure the FortiGate NAT device and the FortiGate unit on the internal network so that the FortiGate unit on the internal network can receive push updates:
Note: Before completing the following procedure, you should register the internal network FortiGate unit so that it can receive push updates. To add a port forwarding virtual IP to the FortiGate NAT device Configure a FortiGate NAT device to use port forwarding to forward push update connections from the FDN to a FortiGate unit on the internal network.
To add a firewall policy to the FortiGate NAT device
To configure the FortiGate unit on the internal network
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.