Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Noori
New Contributor

DNAT with DDNS throw VPN

 

I have two Sites (Site A) using Fortiddns, and Site B using Daillup . There is VPN tunnel between them and it's working fine. I want to make DNAT for my server and it's behind Site B. I don't have public IP Addresd .

it's not working in this scenario? 

1 Solution
AEK
SuperUser
SuperUser

If I understand well your case, DNAT should be on site-A, mapping the site-A's public IP address to the server's IP address that is located on site-B.

What is not working? Any logs? Any blocked traffic?

AEK

View solution in original post

AEK
6 REPLIES 6
AEK
SuperUser
SuperUser

If I understand well your case, DNAT should be on site-A, mapping the site-A's public IP address to the server's IP address that is located on site-B.

What is not working? Any logs? Any blocked traffic?

AEK
AEK
Noori
New Contributor

Yes. exactly but I don't have static public IP address. we use Fortiddns . and the two sites connected throw VPN. 

AEK

In your VIP, you just need to put 0.0.0.0 as External IP address, and it should work.

AEK
AEK
Noori
New Contributor

Yes its 0.0.0.0 . but what I notice if I want to make Ping from Site A Fortigate to the server that behind the Site B Fortigate . the Ping  Faile 

AEK

You need to check if firewall rules allow the traffic on both FortiGates, and your IPsec phase2 selectors on both sites include the communicating sources and destinations.

AEK
AEK
Noori
New Contributor

for source Add that camming from the internet throw the WAN interface the use DDNS . what source add should be

Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors