Aws site to site vpn traffic bot visible on onprem firewall

Hi, we are having a site to site vpn between aws and fortigate fw. Connection between VMs is successful and they can reach eachother. However, the fortigate can only see traffic from on prem to aws. But from aws to on prem the only visible traffic is ping and ssh. Any other type of traffic is not visible even though it is working fine. Any guesses here , whats wrong ?

주제

네트워킹 및 콘텐츠 전송

태그

아마존 VPC 네트워킹 및 콘텐츠 전송 AWS 가상 비공개 네트워크(VPN)

언어

English

Amr Fawzy

질문됨 9달 전295회 조회

2개 답변

최신
최다 투표
가장 많은 댓글

이 답변이 도움이 되었나요?커뮤니티가 여러분의 지식을 활용할 수 있도록 정답을 찬성하세요.

Make sure the traffic is coming via the Site-to-Site VPN connection, it could be taking another path. You can try filtering the incoming traffic on the Fortigate with destination port and destination IP address and leave the source IP address to understand where the traffic is being sourced from.

Matt_E

답변함 9달 전

Amr Fawzy
9달 전
But the traffic is visible if I just ping or try to use SSH. From the same source. i will try to look for the protocol and port used
Amr Fawzy
9달 전
I did try that and still nothing is showing up at the firewall

What other traffic are you expecting to see going to on prem?

Do you have logging on for all your rules if you are using the firewall logs to see the traffic?

전문가

Gary Mclean

답변함 9달 전

Amr Fawzy
9달 전
I am trying to use FTP , RDP , TCP connections over different ports. None of those appear if the connection is initiated from AWS to Fortigate.

Aws site to site vpn traffic bot visible on onprem firewall

관련 콘텐츠