Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Myrella
New Contributor

Created on ‎09-11-2014 10:20 AM

Access to an app from outside

Hello guys, I am new to fortinet, and a junior IT I need help with something please. I have an app on a server and I need people access to it from outside. I have no idea how to do it. When I test it internal, it works. Thank you for your help
4392
0 Kudos
5 REPLIES 5
ede_pfau
SuperUser
SuperUser

Created on ‎09-11-2014 10:29 AM

Hi Myrella, and welcome to the forums. You can access internal hosts (or only certain ports on it) from outside via ' Virtual IP' . This a a firewall object that translates and externally used IP address into an internal one (so, it does Destination NAT). Follow these steps: 1. Create a VIP ext address: (your FGT' s public IP) ext port: <port number used by your app> mapped to addr: <internal IP of server> mapped to port: <same port number as above> port forwarding: enable 2. Create an incoming policy to make the VIP work src interface: wan1 src addr: 0.0.0.0/0 dest int: internal dest addr: your_new_VIP service: <corresponding to mapped port> action: accept Please note that you cannot test server access with ' ping' if using port forwarding. You could as well NOT use port forwarding if you have more than one public IP address. Please try this and let us know how it worked.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
2623
0 Kudos
Myrella
New Contributor

Created on ‎09-11-2014 12:32 PM

Thank you so much ede_pfau Yes it works :) So grateful. On more question. How can I make it a name like myapps.com what is better than a IP address Thank you again
2637
0 Kudos
Jonathan_Rennie_FTNT
Staff
Staff
In response to Myrella

Created on ‎09-11-2014 01:25 PM

This is the best document to explain how to implement FortiDDNS http://docs-legacy.fortinet.com/cb/recipes/associating-a-domain-name-with-an-interface-that-has-a-dynamic-IP.pdf
That will be me then!!
2637
0 Kudos
ede_pfau
SuperUser
SuperUser

Created on ‎09-12-2014 12:35 AM

IP address and name (FQDN) are connected via DNS. DNS are run by ISPs. So, if your public IP address is static (does not change over time) then your ISP should be able to make a DNS entry for you. If your public IP address is dynamic (i.e. is assigned to you randomly and changeing every 24 hours or so) then you can use " Dynamic DNS" to associate a name with this address. From FortiOS v5 on Fortinet offers a DDNS service for free - that is, as long as you have a paid support contract. Nothing is for free. There are many other service providers on the Net that offer DDNS services for a small fee. One of the best known is dyndns.org (dyn.com). You configure your FQDN (fully qualified domain name, like ' myservice.dyndns.org' ) and your account information in the FGT config. Please see the document cited by Jonathan for details. You can use FortiDDNS or any other provider, as you like.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
2637
0 Kudos
Myrella
New Contributor

Created on ‎09-12-2014 11:52 AM

Good evening Ede, Didn' t try it yet, but I will. Thank you very much for everything Myrella
2637
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.