Help
FortiGuard
Fortinet’s Global Threat Intelligence and Research
Dhruvin_patel
Staff
Staff

Created on ‎09-10-2023 11:36 PM Edited on ‎09-10-2023 11:37 PM By Community Manager

Article Id 272982

Technical Tip: Create VIP with external FQDN to map with internal server IP address

Description

This article describes that in some environments, sometimes it is necessary to create a VIP with external FQDN to map with an internal server IP address.

 

Follow the below steps to create a VIP:

 

  • Go to Policy & Objects -> Virtual IPs and select Create New -> Virtual IP.
  • Enter a name for the newly created VIP.
  • Select an external interface.
  • For Type, select FQDN.
  • For External, select FQDN and enter the FQDN.
  • In the Mapped address, It is necessary to select FQDN. It will not give the option to select the IP address.
Scope FortiGuard.
Solution

To configure the VIP with external FQDN to map the internal server IP address, create the DNS database on FortiGate, which will resolve the mapped FQDN to an internal IP address.

 

To create DNS enter on FortiGate, First of all, enable the DNS database option from feature visibility.

Go to Network -> DNS server -> Create the DNS Database.

 

kb2.PNG

 

DNS entry that will resolve the internal.server.fg to internal map IP(server IP) Address 10.0.10.10:

 

kb3.PNG

 

Later, verify that the FortiGate can resolve the FQDN to the mapped internal server IP address.

 

exe ping internal.server.fg
PING internal.server.fg (10.0.10.10): 56 data bytes

 

This solution will help to create VIP with external FQDN to map the internal server IP address.
615
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.