- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fortigate 50E Relaying Traffic
Hello all -
I have a Fortigate 50E and was wondering if it was possible to relay inbound traffic to a different external location.
Long story short, we were recently acquired by a different company and they want us to relay our traffic to them until they can complete the takeover of our IP block. They want to put in a relay server to do this, but we're struggling to get it working and I was hoping maybe I could just do it at the gateway instead.
Is this possible?
Thanks in advance.
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @acsupport,
I'm not clear about the topology. If you want to forward all Internet traffic to another location, IPsec VPN will be a good option. Please refer to https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/520377/ipsec-vpns
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @hbac
Behind my Fortigate, I have several devices that are targets of some port forwarding rules. This new company has their own devices that they would like to use to process the traffic that's currently coming into me. Normally, they would put in a relay server that I would set as the new target for the port forwarding rules, and it would take the data and send it back to their IP. I was hoping I could do the same thing on my 50E, in lieu of their relay server. Think port forwarding but sending it to an external IP rather than an internal one.
Does that make things clearer?
Thanks for your reply!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @acsupport,
You can change port forwarding setting to an external IP instead of internal but you need to change the policy as well.
It is possible to setup a site to site IPsec tunnel between you and the new company, and change the port forwarding rule to forward traffic to internal IP addresses behind the new company.
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @hbac
Do you have instructions or a link to instructions on how to do this? It sounds like exactly what I need (relaying data to another IP).
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @acsupport,
I'm not sure if I understand what you are trying to achieve. Are you trying to relay the date over the Internet or over an IPsec VPN? Please provide a network diagram if possible.
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don not think there is any kind of traffic relay on FortiGate. What we can try is create a site-site Ipsec VPN and passing all traffic to the other side. Please refer to this document for more detail "https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/202791/site-to-site-vpn"
Regards,