info3
New Member
April 1, 2019
Question

Need to route all local traffic from a specific IP range to a single IP on the LAN.


We are trying to set up a static route on our inside network that routes any traffic that is directed to 10.88.0.0 / 255.255.0.0 to a specific appliance on our local network that has the IP 10.32.14.20

Any help in this would be great

 

Fortigate 60e

FortiOS 6.2

Wan IP: 12.34.56.78

router inside lan IP: 10.32.14.1

IP range to be routed: 10.88.0.0 / 255.255.0.0 

Destination Appliance IP: 10.32.14.20

1 reply

simonw
New Member
April 1, 2019

Hi,

 

You should be able to set up policy-based routing.

info3 (Author)
New Member
April 1, 2019

Would that be done by hairpin? Creating a VIP and policy?

Just starting out on Fortigate so detailed steps would be much appreciated.

 

info3 (Author)
New Member
April 1, 2019

I did the following steps listed below as a test and it worked but with two problems. 

Problem 1. The appliance on 10.32.14.20 could no longer access the internet. 

Problem 2. We were only able to configure the VIP to do the single IP for the external interface. Could not input it as 10.88.0.0/16 to cover the entire range.

created VIP:

interface = any

external ip = 10.88.0.10

internal ip = 10.32.14.20 (ip of our appliance)

Optional filters = (not enabled)

Port forwarding = (not enabled)

 

created an IPv4 policy:

incoming = lan

outgoing = lan

source = all

services = all

nat = (not enabled)

 

ran the following commands via CLI:

# config firewall policy

# edit 2

# set match-vip enable

# end
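
For reference, the static route asked about in the original question, written as FortiOS CLI with the addresses from the thread so that the whole 10.88.0.0/16 range is covered without a VIP. This is an added example, not part of any participant's post. Assumptions: the interface name "lan" is taken from the policy described above, the address object and policy names are hypothetical, and the lan-to-lan policy is assumed to be needed because the traffic enters and leaves on the same interface.

```fortios
# Added example (not from the thread). Addresses come from the question;
# object names and the interface name "lan" are assumptions.

# 1. Address object for the range to be redirected (name is hypothetical).
config firewall address
    edit "net-10.88.0.0_16"
        set subnet 10.88.0.0 255.255.0.0
    next
end

# 2. Static route: anything destined to 10.88.0.0/16 is handed to the
#    appliance at 10.32.14.20, reachable on the LAN interface.
#    "edit 0" asks FortiOS to use the next free entry ID.
config router static
    edit 0
        set dst 10.88.0.0 255.255.0.0
        set gateway 10.32.14.20
        set device "lan"
        set comment "10.88.0.0/16 via appliance"
    next
end

# 3. Policy for traffic that arrives on "lan" and is routed back out "lan".
#    Scoped to the 10.88.0.0/16 destination only, NAT left disabled,
#    logging enabled so the redirected flows are visible.
config firewall policy
    edit 0
        set name "lan-to-appliance-10.88"
        set srcintf "lan"
        set dstintf "lan"
        set srcaddr "all"
        set dstaddr "net-10.88.0.0_16"
        set action accept
        set schedule "always"
        set service "ALL"
        set logtraffic all
    next
end

# 4. Check which route a sample address in the range would take.
get router info routing-table details 10.88.0.10
```

If the LAN hosts sit in the same subnet as the appliance, its replies go straight back to those hosts and not through the FortiGate, so the firewall sees only one direction of each flow. Keep the policy's destination limited to the 10.88.0.0/16 object so it does not become a general lan-to-lan allow rule.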