Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
acsupport
New Contributor

Fortigate 50E Relaying Traffic

Hello all -

 

I have a Fortigate 50E and was wondering if it was possible to relay inbound traffic to a different external location.

 

Long story short, we were recently acquired by a different company and they want us to relay our traffic to them until they can complete the takeover of our IP block.  They want to put in a relay server to do this, but we're struggling to get it working and I was hoping maybe I could just do it at the gateway instead.

 

Is this possible?

 

Thanks in advance.

6 REPLIES 6
hbac
Staff
Staff

Hi @acsupport

 

I'm not clear about the topology. If you want to forward all Internet traffic to another location, IPsec VPN will be a good option. Please refer to https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/520377/ipsec-vpns

 

Regards,

acsupport
New Contributor

Hi @hbac 

 

Behind my Fortigate, I have several devices that are targets of some port forwarding rules.  This new company has their own devices that they would like to use to process the traffic that's currently coming into me.  Normally, they would put in a relay server that I would set as the new target for the port forwarding rules, and it would take the data and send it back to their IP.  I was hoping I could do the same thing on my 50E, in lieu of their relay server.  Think port forwarding but sending it to an external IP rather than an internal one.

 

Does that make things clearer?

 

Thanks for your reply!

hbac

Hi @acsupport

 

You can change port forwarding setting to an external IP instead of internal but you need to change the policy as well. 

 

It is possible to setup a site to site IPsec tunnel between you and the new company, and change the port forwarding rule to forward traffic to internal IP addresses behind the new company. 

 

Regards,

acsupport
New Contributor

Hi @hbac 

 

Do you have instructions or a link to instructions on how to do this?  It sounds like exactly what I need (relaying data to another IP).

 

Thanks!

hbac

Hi @acsupport

 

I'm not sure if I understand what you are trying to achieve. Are you trying to relay the date over the Internet or over an IPsec VPN? Please provide a network diagram if possible. 

 

Regards, 

mle2802
Staff
Staff

I don not think there is any kind of traffic relay on FortiGate. What we can try is create a site-site Ipsec VPN and passing all traffic to the other side. Please refer to this document for more detail "https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/202791/site-to-site-vpn"

Regards,

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors