Virtual IP forwarding TCP & UDP

Forum|Forum|19 years ago
September 18, 2006
3 replies
5431 views

I need to create a Virtual IP Mapping with port forwarding, but for the application to run properly I need to forward a TCP and an UDP port from the same external IP The external application that connects to the FG can only be set to connect to a single IP address (I cannot configure an address for the TCP and other for the UDP) When I try to create a Virtual IP I only can set TCP or UDP port forwarding Any idea will be greatly appreciated

rwpatterson

New Member

I have had this issue as well. My workaround was to leave the port forwarding option turned off, and to create a service group for the policy. This way you could use up to 16 TCP or UDP ranges in one custom group, and one single policy. The only other way about this that I know of would be to create a second virtual IP mapping with the other protocol set up with port forwarding as well. In my travels around my 1000a, I have noticed that with open no mapping with virtual IP policies, I had to create a second accompanying rule anyway for it to work. By the way, I' m on version 3.0 build 3.18. Good luck. Bob Patterson

Prometejas

New Member

I found Virtual IP group in RC3.

wcbenyip

New Member

It' s a good news to heard that the VIP group option included on the RC3. I agree with the method provided by Bob Patterson - Our box is still running v2.8mr11, our approach is setting up a NAT (VIP) instead of a PAT (VIP with port forwarding). And then creating a custom service group to include any services/ports the application needs, finally set a fw policy to allow the inbound traffic to that VIP with the customized service group - this approach works!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded