Help
FortiSandbox
FortiSandbox provides a solution to protect against advanced threats and ransomware for companies who don’t want to implement and maintain a sandbox environment on their own.
fropert_FTNT
Staff
Staff

Created on ‎08-14-2014 01:04 AM

Article Id 191112

Technical Note: Sandbox VM is not able to access Internet

Description
FortiSandbox virtual machines needs access to Internet when a file is executed inside a virtual machine system and it requires public network access.
An Internet connectivity through port 3 is needed and the "Allow Virtual Machines to access external network through outgoing port" must be enabled.
If there is a problem the system information widget will display a warning sign nearby the "VM Internet Access" text label as illustrated in the following picture:

fropert_fortisandbox_vm_internet_access_fortisandbox.png


Scope
FortiSandbox
Solution
Go to System > Config > General menu and enable "Allow Virtual Machines to access external network through outgoing port" as illustrated in the following picture:

fropert_fortisandbox_allow_vm_outgoing_port.png


Once the setting is validated, the FortiSandbox will confirm Internet connectivity by executing a PING to 8.8.8.8.
It can be verified using the tcpdump command through a FortiSandbox SSH session:

> tcpdump -i port3 host 8.8.8.8 
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode 
listening on port3, link-type EN10MB (Ethernet), capture size 65535 bytes 
15:33:29.287805 IP 172.31.19.28 > google-public-dns-a.google.com: ICMP echo request, id 26709, seq 0, length 64 
15:33:29.365127 IP google-public-dns-a.google.com > 172.31.19.28: ICMP echo reply, id 26709, seq 0, length 64 
15:33:30.287941 IP 172.31.19.28 > google-public-dns-a.google.com: ICMP echo request, id 26709, seq 1, length 64 
15:33:30.340258 IP google-public-dns-a.google.com > 172.31.19.28: ICMP echo reply, id 26709, seq 1, length 64 
15:33:31.288092 IP 172.31.19.28 > google-public-dns-a.google.com: ICMP echo request, id 26709, seq 2, length 64 
15:33:31.339537 IP google-public-dns-a.google.com > 172.31.19.28: ICMP echo reply, id 26709, seq 2, length 64 
15:33:32.288217 IP 172.31.19.28 > google-public-dns-a.google.com: ICMP echo request, id 26709, seq 3, length 64 
15:33:32.340991 IP google-public-dns-a.google.com > 172.31.19.28: ICMP echo reply, id 26709, seq 3, length 64 
15:33:33.288318 IP 172.31.19.28 > google-public-dns-a.google.com: ICMP echo request, id 26709, seq 4, length 64 
15:33:33.341110 IP google-public-dns-a.google.com > 172.31.19.28: ICMP echo reply, id 26709, seq 4, length 64 

Five succesful consecutive ICMP echo reply must be received by the FortiSandbox.

When the Internet connectivity is restored, a green up sign will be displayed in the System Information widget as illustrated in the following picture:

fropert_fortisandbox_vm_internet_access_ok.png

A click on the widget refresh button ( fropert_fortisandbox_refresh_button_widget.png ) may be required to get an instant update of the VM Internet Access status.


Labels:
3525
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.