Adding A Virtual Ip With Port Translation Only - Fortinet FortiGate Series Administration Manual
Hide thumbs
Also See for FortiGate Series:
- Administration manual (60 pages) ,
- Install manual (51 pages) ,
- Quick start manual (14 pages)
Table of Contents
Advertisement
Firewall Virtual IP
Adding a virtual IP with port translation only
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903
http://docs.fortinet.com/
•
Feedback
4 Select the virtual IP External Interface from the list.
The external interface is connected to the source network and receives the packets to
be forwarded to the destination network.
Select any firewall interface or a VLAN subinterface.
5 Set the External IP Address to 0.0.0.0.
The 0.0.0.0 External IP Address matches any IP address.
6 Enter the Mapped IP Address to which to map the external IP address. For example,
the IP address of a PPTP server on an internal network.
7 Select Port Forwarding.
8 For Protocol, select TCP.
9 Enter the External Service Port number for which to configure dynamic port forwarding.
The external service port number must match the destination port of the packets to be
forwarded. For example, if the virtual IP provides PPTP passthrough access from the
Internet to a PPTP server, the external service port number should be 1723 (the PPTP
port).
10 Enter the Map to Port number to be added to packets when they are forwarded.
Enter the same number as the External Service Port if the port is not to be translated.
11 Select OK.
When adding a virtual IP, if you enter a virtual IP address that is the same as the mapped
IP address and apply port forwarding, the destination IP address will be unchanged, but
the port number will be translated.
Note: To apply port forwarding to the external interface without binding a virtual IP address
to it, enter the IP address of the network interface instead of a virtual IP address, then
configure port forwarding as usual.
To add a virtual IP with port translation only
1 Go to Firewall > Virtual IP > Virtual IP.
2 Select Create New.
3 Enter a name for the dynamic virtual IP.
4 Select the virtual IP External Interface from the list.
The external interface is connected to the source network and receives the packets to
be forwarded to the destination network.
Select any firewall interface or a VLAN subinterface.
5 Set the External IP Address as the mapped IP address.
6 Enter the Mapped IP Address to which to map the external IP address. For example,
the IP address of a PPTP server on an internal network.
7 Select Port Forwarding.
8 For Protocol, select TCP.
9 Enter the External Service Port number for which to configure dynamic port forwarding.
The external service port number must match the destination port of the packets to be
forwarded. For example, if the virtual IP provides PPTP passthrough access from the
Internet to a PPTP server, the external service port number should be 1723 (the PPTP
port).
Configuring virtual IPs
461
Advertisement
Table of Contents
