Skip to main content
SaurabhGupta
SaurabhGupta
New Member
November 1, 2025
Question

Assessing my Web Application using Firewall

  • November 1, 2025
  • 2 replies
  • 322 views

The scenario:

1. I have a web application installed on my server, which is on IP 192.168.31.68 and the application is accessible on local network through link https://192.168.31.68/U_GEAR.

2. I have FotiGate 40F firewall who WAN is connected to Internet (as well as on company LAN basically) and has IP 192.168.31.193.

3. I do not have a static IP.

 

I want to access this web application (which is an ERP) on an external network. How can I achieve this using the current system? The constraint remains that cannot change the IP configuration of the Server or the other ports in the company.

 

Someone from the ERP team asked to use VPN and enter local network. However, I do not have any idea on how can this be achieved.

2 replies

Curtava
Curtava
New Member
November 1, 2025

Using VPN is usually the best way here since there’s no static IP and the server setup can’t be changed. You can set up SSL VPN on the fortigate so remote users can securely connect to the local network and access the ERP through its local link. Port forwarding with Dynamic DNS could work too but that would expose the ERP to the internet, so vpn is definitely the safer option. And if you want to keep you files organized, you can use cx file manager app.

AEK
SuperUser
AEK
SuperUser
November 2, 2025

Hi Saurabh

I don't think is a good idea to publish your ERP on the internet. If the ERP is intended to be accessed by the company staff then the right thing to do is to make it accessible through VPN, or ZTNA.

If you go for VPN, since SSL VPN is now discarded by Fortinet, then you will need to configure dialup IPsec.

Regarding the dynamic public IP, you can use dynamic DNS, either for ZTNA or for dialup IPSec.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Use-DDNS-for-an-IPsec-dial-up-connection-from/ta-p/335586

AEK
Curtava
Curtava
New Member
December 7, 2025

Which FortiOS version are you on that dropped SSL-VPN??

Terms & ConditionsAccessibility statement