I am setting up a ubuntu server (ver 22.04) so I can place a universal forwarder for Splunk on it and redirect FortiGate traffic to the SIEM (Splunk).
In total there are 6 virtual machines that i am using and all of these virtual machines are connected via Lan segments and IP integration.
here is the network map at the moment
Forwarder: 10.0.1.1/24
fortigate: 10.0.1.254/24
Splunk server: 10.0.1.3/24
I am supposed to put the SIEM as the subnet for the forwarder, with the fortigate being the name server and the gateway. However, it returns this error:
What seems to be the error as I cant wrap my head around this :/
cheers for all of your help!
/24
subnet, the subnet address / ID always has0
as the last octet. (That field is not asking for a host address with a prefix length.)