Created on 02-04-2024 10:10 PM Edited on 02-04-2024 10:11 PM By Anthony_E
Description | This article describes how to provide Internet access to a server behind the FortiWeb. In some scenarios, the admin is required to provide Internet access to the server protected by the FortiWeb. |
Scope |
FortiWebv7.2.X. In this scenario, Server 10.0.0.70 is behind FortiWeb and could require to get some resources from the internet. |
Solution |
The firewall only provides internet access to the IP address in the outside interface(port3-192.168.61.128) of the FortiWeb:
Diagram:
By default, the traffic is not allowed:
It is necessary to enable set ip-forward:
The traffic passes from port4 to port3. However, it still not answering because it is passing with the original IP 10.0.0.70. NAT will be required.
Enable the Firewall option in feature visibility and configure a NAT rule.
The traffic is translated to the IP in the outside interface of FortiWeb:
The server gets internet access:
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.