Why do Virtual IPs not allow "Named Addresses"

Forum|Forum|4 years ago
January 24, 2022
1 reply
1430 views

I apologise if this is a really newbie question, but I'm at a loss at to why the Fortigate allows me to define Addresses (eg. for a Workstation etc), but when I want to define a Virtual IP I cannot use one of the addresses that I have defined and have to supply a physical IP address?

What am I missing? Is this a missing feature from the Fortigate, or some logistical reason why it doesn't make sense to allow this?

FortiGate

akileshc

Staff

Hello Kevmeister,

When the VIP type is set to Static NAT, you are implementing one-to-one NAT, thus you must enter an IP address, and address or address group is not permitted.

If you switch the type to FQDN, however, you may specify the IP/FQDN in External and Mapped addresses. Please see the document below for further information.

https://docs.fortinet.com/document/fortigate/7.0.2/administration-guide/435662/configure-fqdn-based-vips

I hope this helps you implement the setup according to your needs.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded