m84_2019
New Member
July 2, 2019
Question

HTTPS Forwarding not working correctly


Hi all,

Running v6.2 firmware and not able to perform a simple port forward to an HTTPS server internally. Is this something odd in the Fortinet logic, or is it a known issue?

Trying to access an internal HTTPS server from outside, I've set up a NAT (Virtual IP) for the external IP, internal IP of the web server and using port 445 on the outside and 443 inside. Added the corresponding IPv4 policy to allow HTTPS traffic through.

When browsing the external IP on https://x.x.x.x:445 I'm receiving the Fortigate login page rather than the expected internal web server. The NAT doesn't appear to be working as it should. What's wrong with the above config?


    Dave_Hall
    New Member
    July 2, 2019

    By default Fortigate management uses port 443 - if you want to use this port in a VIP or port forward, you need to change the HTTPS port for accessing the Fortigate's GUI, e.g.

        config system global
            set admin-sport 8443
        end

    Your VIP or port forward for 443 should work after this change. Just remember after this change, you need to use xx.xx.xx.xx:8443 (as an example) to access the Fortigate directly.

    m84_2019 (Author)
    New Member
    July 3, 2019

    Yeah I get that I can change the port on the management/SSLVPN or internal server but I am surprised that it cannot NAT to anything on the same external IP with internal TCP port of 443, even if the external port and internal IP are different.

     

    This would appear to be a bug/limitation of the Fortigate.

    hubertzw
    New Member
    July 3, 2019

    It isn't a limitation. You can't have two services running on the same IP & port.

    m84_2019 (Author)
    New Member
    July 4, 2019

    There's nothing running on port 445.

    Dave_Hall
    New Member
    July 4, 2019

    Then there shouldn't be anything stopping you from changing the sport port to 445.

    m84_2019 wrote:

    There's nothing running on port 445.
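
A check for the port overlap this thread is about, as an added example (not from any poster and not Fortinet code): it reads a FortiGate configuration backup and lists the VIPs whose external port or port range includes the GUI's HTTPS port (`admin-sport`). The sample config, VIP names and addresses are constructed, and it assumes a backup that has no `admin-sport` line is using the default.

```python
DEFAULT_ADMIN_SPORT = 443  # GUI HTTPS default, as stated in the thread

# Constructed sample config: VIP names and addresses are hypothetical.
SAMPLE_CONFIG = """
config system global
    set admin-sport 8443
end
config firewall vip
    edit "web-https"
        set extip 203.0.113.10
        set portforward enable
        set mappedip "192.168.1.20"
        set extport 445
        set mappedport 443
    next
    edit "app-range"
        set extip 203.0.113.10
        set portforward enable
        set mappedip "192.168.1.30"
        set extport 8440-8450
        set mappedport 8440-8450
    next
end
"""

def parse(config_text):
    """Return (admin_sport, {vip_name: (first_extport, last_extport)})."""
    admin_sport, vips, stack, name = DEFAULT_ADMIN_SPORT, {}, [], None
    for line in map(str.strip, config_text.splitlines()):
        if line.startswith("config "):
            stack.append(line[len("config "):])   # track nesting depth
        elif line == "end" and stack:
            stack.pop()
        elif line.startswith("edit ") and stack == ["firewall vip"]:
            name = line[len("edit "):].strip('"')
        elif line.startswith("set ") and len(stack) == 1:  # skip nested blocks
            key, _, value = line[len("set "):].partition(" ")
            if stack[0] == "system global" and key == "admin-sport":
                admin_sport = int(value)
            elif stack[0] == "firewall vip" and key == "extport":
                first, _, last = value.strip('"').partition("-")  # "445" or "8440-8450"
                vips[name] = (int(first), int(last or first))
    return admin_sport, vips

def vip_admin_port_overlaps(config_text):
    """Names of VIPs whose external port (or range) includes the GUI HTTPS port."""
    admin_sport, vips = parse(config_text)
    return sorted(n for n, (lo, hi) in vips.items() if lo <= admin_sport <= hi)
```

On the sample, the 445-to-443 forward is not flagged, while the range VIP is, because 8443 falls inside 8440-8450.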