Sunday, March 8, 2015

FortiOS v5.x Alert email settings for email servers in different subnet

If your fortinet device and email server are in different subnet, FortiOS v5.x will not be able to send alert emails to email server by setting only email server address from Gui.

You should also perform some configuration from CLI.

Connect to device by SSH.

FG100D # config system email-server
 

FG100D (email-server) #
set      Modify value.
unset    Set to default value.
get      Get dynamic and system information.
show     Show configuration.
abort    End and discard last config.
end      End and save last config.



//execute show command to view your current settings.

FG100D (email-server) # show
config system email-server
    set reply-to "fw@fxxxx.com"
    set server "10.1.10.11"
    set port 587
end

 //execute get command to view your current settings.

FG100D (email-server) # get
type                : custom
reply-to            : fw@fxxx.com
server              : 10.1.10.11
port                : 587
source-ip           : 0.0.0.0      //define source-ip in order to FG to access email server in different subnet
source-ip6          : ::
authenticate        : disable
security            : none


FG100D (email-server) # set source-ip 10.5.x.x (FW interface IP address that can reach messaging server)


Now, FG will be able send alert emails to messaging server in different subnet

Be sure you already configured relay on your messaging server.

No comments:

Post a Comment

 
span.fullpost {display:inline;}