1. Creating three virtual IPs 2. Adding the virtual IPs to a VIP group 3. Creating a security policy 4. Results Using port forwarding on a FortiGate unit This example illustrates how to use virtual IPs to configure port forwarding on a FortiGate unit, which redirects traffic from one port to another. In this example, incoming connections from the Internet are allowed access to a server on the internal network by opening TCP ports in the range 7882 to 7999 and UDP ports 2119 and 2995. Open TCP ports 7882-7999, UDP port 2119 and 2995 for traffic from the Internet to the server Internet FortiGate Server
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
1. Creating three virtual IPs
2. Adding the virtual IPs to a VIP group
3. Creating a security policy
4. Results
Using port forwarding on a FortiGate unitThis example illustrates how to use virtual IPs to configure port forwarding on a FortiGate unit, which redirects traffic from one port to another. In this example, incoming connections from the Internet are allowed access to a server on the internal network by opening TCP ports in the range 7882 to 7999 and UDP ports 2119 and 2995.
Open TCP ports 7882-7999,UDP port 2119 and 2995 for traffic from the Internet to the server
Internet
FortiGate
Server
Creating three virtual IPsGo to Firewall Objects > Virtual IPs > Virtual IPs.
Enable Port Forwarding and add a virtual IP using TCP protocol with the range 7882-7999.
Create a second virtual IP for the UDP port 2119.
Create a third a virtual IP for the UDP port 2995.
Adding virtual IPs to a VIP groupGo to Firewall Objects > Virtual IPs > VIP Groups.
Create a VIP group that includes all three virtual IPs.
Creating a security policyGo to Policy > Policy > Policy.
Create a security policy allowing inbound connections to the server from the Internet. Set the Destination Address as the new VIP group.
ResultsGo to Policy > Monitor > Policy Monitor to see the active sessions.
Select the blue bar for more information on a session.
Go to Log & Report > Traffic Log > Forward Traffic to see the logged activity.
Select an entry for more information about the session.