Saba1989
New Member
June 7, 2020
Question

connection with public IP


Hi guys, I have a 200D FortiGate in my company. I published some servers and assigned public IPs to them (by using Virtual IPs), and they have access to the internet. These servers have access to each other with their private IPs (172.16.1.x), but they cannot access each other with public IPs. For example, when they ping each other with private IPs there is no problem, but they cannot ping each other with public IPs. How can I solve this problem?

    1 reply

    lobstercreed
    New Member
    June 7, 2020

    Hello,

     

    What you're looking for is called hairpin NAT.  It can generally be achieved two ways:

    1. Set up an additional policy for server-to-server traffic using the VIP objects as destinations.
    2. Use your existing policy for server-to-server traffic using the regular address objects but set "match-vip enable" on the policy using the CLI.

    See here for a KB regarding a setup that may be similar to yours: https://kb.fortinet.com/kb/documentLink.do?externalID=FD36202

     

    - Daniel
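
The two approaches described in the answer above, sketched as an added FortiOS CLI example that is not part of the original post. The interface name `internal`, the object names, the addresses and the policy IDs are placeholders, and approach 1 assumes the VIP's external interface is set to `any` and that both servers sit in the same subnet.

```fortios
# Added example; all names, addresses and policy IDs are placeholders.
# Assumed existing VIP publishing one server (203.0.113.10 is a documentation address).
config firewall vip
    edit "vip-server1"
        set extintf "any"
        set extip 203.0.113.10
        set mappedip "172.16.1.10"
    next
end

# Approach 1: additional server-to-server policy with the VIP object as destination.
# "set nat enable" applies source NAT so the reply returns through the FortiGate
# instead of going directly between two hosts in the same subnet (assumed topology).
# Narrow "service" to what is actually published rather than leaving it at ALL.
config firewall policy
    edit 101
        set name "hairpin-to-server1"
        set srcintf "internal"
        set dstintf "internal"
        set srcaddr "servers-172.16.1.0"
        set dstaddr "vip-server1"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat enable
    next
end

# Approach 2: keep the existing server-to-server policy (regular address
# objects as destination) and let it match traffic addressed to the VIP too.
config firewall policy
    edit 42
        set match-vip enable
    next
end
```

Only one of the two approaches is needed; after applying it, review the policy's hit counters and traffic logs to confirm that server-to-server traffic to the public IP matches the intended policy and nothing broader.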