Description |
This article describes how to configure access to FortiVoice from an external network when central natting is enabled on the FortiGate. |
Scope | FortiGate |
Solution |
As shown in the above example, 172.24.3.29 is an external WAN IP and 10.10.10.8 is a mapped internal server IP. The incoming traffic is on port 56004 and is mapped internally to the port 5060.
As shown in the screenshot above, the IPv4 policy configuration where the WAN interface is WAN1 and the FortiVoice connected interface is VOIP VLAN. When Central NAT is enabled, the firewall policy configuration is to set an IP address object as the 'destination', which also refers to the IP addresses of FortiVoice. Ensure the match-vip-only option is enabled for the firewall policy.
This will allow to access FortiVoice from outside of the network when central NAT is enabled. |