Hello forum,
is it possible to configure Explicit Proxy Policy and use a different outgoing IP address as one that is configured for WAN Interface? Unfortunately I cannot see any NAT option within Exp Proxy Policy.
For example - WAN Primary IP 1.1.1.1/24, Secondary IP 2.2.2.2/24
Exp. Proxy Policy use the IP 1.1.1.1 as the source IP address. I would like to change it to 2.2.2.3 for instance. It works correctly with regular IPv4 Policy where I am able to use a dynamic IP Pool and control the NATed source IP address of the outgoing traffic to the Internet.
Thank you advance for any hint.
Jozef
To answer to my question, it is possible to configure outgoing IP (WAN Secondary IP in my case) for Explicit Web/FTP Proxy.
# config web-proxy explicit
(explicit) # set outgoing-ip ? Outgoing HTTP requests will leave this IP. An interface must have this IP address.
Hi,
I am also facing the same issue. Is there any solution to configure NAT in web proxy policy?
Thanks
Ravi
Take a look at my last post. You can specify an outgoing IP for Web Explicit Proxy.
Hello,
Is it possible to NAT traffic to another IP address than the interface address?
I need to NAT some subnets and IPs to another IP address than the interface but the communication is broken. I set an IP Pool object under the explicit policy (OS version 5.6.5). I also tried to add the IP Pool address as a secondary address on the outgoing interface but without success.
AtiT
Yes as indicated earlier you can change the outgoing interface.
http://socpuppet.blogspot.com/2017/08/turn-around-explicit-proxy-on.html
PCNSE
NSE
StrongSwan
There is another way: you can also use a ippool nat in the explicit web proxy policy but only by cli:
config firewall proxy-policy
edit {policyid} set poolname {name IP pool name}
next
end
Ciao
Sergio
You need to set the src address in the policy to set the source address.
http://socpuppet.blogspot.com/2017/08/turn-around-explicit-proxy-on.html
Ken Felix
PCNSE
NSE
StrongSwan
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.