gassoraba
New Member
July 16, 2024
Question

Port Forwarding over site to site VPN

I have the following setup:

Site A -> Has static public IP

Site B -> Has no public IP

The two sites are connected via IPsec. I am trying to do a port forwarding over public IP while the VM itself is located in Site B.

I can't seem to get it to work. Moreover, when doing a ping I can ping it and telnet from any machine located within Site A. But can't do it from the FortiGate console itself.

Any advice plz?

1 reply

ozkanaltas
Valued Contributor III
July 16, 2024

Hello @gassoraba,

If I understand correctly, you are trying to access the server in site B using the public IP address on site A. This should work without any problems. Is it possible for you to share with us the configurations you have made to understand where the problem is?

gassoraba (Author)
New Member
July 16, 2024

Hi @ozkanaltas,

My config is as follows:

I have Site A - Site B IPsec over the dedicated subnet. The public IP is going to Site A on the Wan2 interface.

From there I added a virtual IP pointing to my local VM located in Site B over port 8062, and added a firewall policy between Wan2 and the virtual IP for all services without NAT.

Don't know if I am missing something.

ozkanaltas
Valued Contributor III
July 16, 2024

Hi @gassoraba,

You said that there is no public IP on Site B, so you should configure DNAT on Site A. After this configuration, traffic can reach site B via IPsec.

A configuration should be made as follows. I gave IP addresses as an example. In the texts below the boxes, I indicated what should be defined on which device.

[Attached image: image.png]