Publishing Web Servers

Forum|Forum|20 years ago
September 12, 2005
2 replies
1831 views

I' ve tried publishing a web server using virtual ip/port forwarding. Here' s the configuration: External Interface: port 3 External port: 80 Internal port: 81 External ip: x.x.x.x internal ip: 10.0.0.1 port forwarding option selected I' ve then created a policy rule with the following configuration: Source port: port 3 Destination port: port 1 source address: all destination address: <nameofvirtual ip> schedule: always service: http action: accept NAT option selected. Doesn' t seem to work if I browse to the external ip, however, if I change the service to ANY, it seems to work fine. What other ports need to be enabled? Also, if i want to use an alternate IP address, do I just specify the alternate IP in the virtual IP config, or does that IP have to be configured elsewhere first? TIA!

UkWizard

New Member

This is probably happening because the webserver is using port 81, rather than 80. thus the rule when saying http (port 80) is failing. Create an custom service, with port 81, then use this for the service rather than http. And yes, to use another IP, just changing the virtual ip details is enough.

UkWizard

New Member

oh, by the way, the NAT should NOT be enabled, otherwise you will never be able to tell who is accessing the webserver, should any attacks take place. As all your logs will only have the fortinet address.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded