Hello, we are using a Fortigate 61E and want to give users coming from the WAN interface access to an internal Emby server. We cannot use VPN access for this appliance and do not want to use straight port forwarding for security reasons. Is there another way to configure this external acces in a secure way?
Why not use port forwarding? You can map the ports and IPs as well as restrict who can use that port if needed as well, to further lower who can get in.
If not VPN or Port Forwarding, it would have to be an outbound type connection that you can't really control in the same way.
Is it possible to put the services and security-policies from the UTM on that connection with portforwarding? Is possible to create a separate login page in the Fortigate as a first barrier before access is granted to the appliance on the internal network?
I am worried about portscanners that immediately get access to the Emby login page and then use brute force techniques or possible exploits to gain access to the internal network that way.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.