Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Summarizing for this moment there is one solution?
ede_pfau wrote:
hi, and welcome to the forums! There is no setting for specifying the IP directly. Instead, you could try to use a VIP with port mapping: Firewall objects > Virtual IP > Create new external IP: one of your WAN IPs external port: say, 20443 mapped to : your primary WAN IP mapped to port: 10443 (default for SSL VPN) Then, create a policy: src IF: WAN src IP: all dst IF: WAN dst IP: your VIP service: custom service for tcp/20443 schedule: ... action: accept NAT: no Give it a try and let us know how it works.
Super old thread, I know, but it was referenced in a more recent post and I wanted to make sure y'all knew that you can actually set up a loopback interface to accomplish this.
[ul]
Boom, you have what you did here but without it listening on your actual public interface. I did this years ago myself actually to solve the problem of having more than one ISP but wanting a consistent VPN address (using BGP peering for my ISPs).
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1105 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.