Edge
New Member
August 2, 2021
Question

Fortigate as a portforwarder from internal to external


Hi,

 

Is it possible to use a fortigate as a portforwarder like:

 

internal ip port 30001 => external ip port 22

 

I want to replace a Linux solution with socat with a FortiGate firewall.

Maybe someone has an example of how to configure such a FortiGate?

 

Kind regards Edwin


    ac1
    Explorer III
    August 2, 2021

    Sure, that is its job. You can use a VIP (Virtual IP) to publish the internal service listening on port 30001 and external on port 22.

    Edge (Author)
    New Member
    August 3, 2021

    I understand the use of a VIP (virtual IP), but this is used when I need access to an internal source from the internet.

     

    The socat utility is a relay for bidirectional data transfers between two independent data channels.

    So I need a kind of VIP / proxy to port forward from internal to external, not external to internal.

     

    example 

    192.168.250.5 tcp 30001 => public ip1 tcp 22

    192.168.250.5 tcp 30002 => public ip2 tcp 443

    192.168.250.5 tcp 30003 => public ip3 tcp 443

     

     

    ac1
    Explorer III
    August 24, 2021

    You can enable Central SNAT:

    config system settings
        set central-nat enable
    end

     

    View this url and find "To create central SNAT using the GUI:" https://www.fortinetguru....olicy-with-source-nat/
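The three mappings from the question written as port-forwarding VIPs bound to the internal interface, with one outbound policy. This is an added example, not configuration posted by anyone in the thread. The interface names "internal" and "wan1", the object names, and the 203.0.113.x addresses (placeholders for "public ip1" to "public ip3") are assumptions, and it assumes policy-based NAT with central-nat left disabled.

```fortios
# Added example, not from the thread. Assumed: interfaces "internal"/"wan1",
# object names, and 203.0.113.x as placeholders for "public ip1..3".
# Assumes policy-based NAT (central-nat disabled).
config firewall vip
    edit "out-30001-ssh"
        set extintf "internal"
        set extip 192.168.250.5
        set portforward enable
        set protocol tcp
        set extport 30001
        set mappedip "203.0.113.11"
        set mappedport 22
    next
    edit "out-30002-https"
        set extintf "internal"
        set extip 192.168.250.5
        set portforward enable
        set protocol tcp
        set extport 30002
        set mappedip "203.0.113.12"
        set mappedport 443
    next
    edit "out-30003-https"
        set extintf "internal"
        set extip 192.168.250.5
        set portforward enable
        set protocol tcp
        set extport 30003
        set mappedip "203.0.113.13"
        set mappedport 443
    next
end
config firewall policy
    edit 0
        set name "internal-relay-out"
        set srcintf "internal"
        set dstintf "wan1"
        set srcaddr "all"
        set dstaddr "out-30001-ssh" "out-30002-https" "out-30003-https"
        set action accept
        set schedule "always"
        set service "SSH" "HTTPS"
        set nat enable
        set logtraffic all
    next
end
```

Replacing `srcaddr "all"` with an address object for only the hosts that need the relay keeps the policy narrow. `set nat enable` source-translates to the wan1 address so the remote hosts reply to the FortiGate.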