Filter
Top Products
162 Fortinet Inc.
Adding port forwarding virtual IPs Firewall configuration
4 Select the virtual IP External Interface. The External Interface is the interface
connected to the source network that receives the packets to be forwarded to the
destination network.
5 Change Type to Port Forwarding.
6 In the External IP Address field, enter the external IP address to be mapped to an
address on the destination zone.
You can set the External IP Address to the IP address of external interface selected in
step 4 or to any other address.
If the IP address of the External interface selected in step 4 is set using PPPoE or
DHCP, you can enter 0.0.0.0 for the External IP Address. The FortiGate unit
substitutes the IP address set for this external interface using PPPoE or DHCP.
For example, if the virtual IP provides access from the Internet to a server on your
internal network, the External IP Address must be a static IP address obtained from
your ISP for this server. This address must be a unique address that is not used by
another host. However, this address must be routed to the External Interface selected
in step 4.
7 Enter the External Service Port number for which to configure port forwarding.
The external service port number must match the destination port of the packets to be
forwarded. For example, if the virtual IP provides access from the Internet to a Web
server, the external service port number would be 80 (the HTTP port).
8 In Map to IP, enter the real IP address on the destination network.
For example, the real IP address could be the IP address of a web server on an
internal network.
If you enter an IP address on the same subnet as the internal interface, the virtual IP
can be added to Ext->Int or DMZ->Int policies.
If you enter an IP address on the same subnet as the DMZ interface, the virtual IP can
be added to Ext->DMZ policies.
9 Set Map to Port to the port number to be added to packets when they are forwarded.
If you do not want to translate the port, enter the same number as the External Service
Port.
If you want to translate the port, enter the port number to which to translate the
destination port of the packets when they are forwarded by the firewall.
10 Select the protocol to be used by the forwarded packets.
11 Select OK to save the port forwarding virtual IP.