Hello all -
I have a Fortigate 50E and was wondering if it was possible to relay inbound traffic to a different external location.
Long story short, we were recently acquired by a different company and they want us to relay our traffic to them until they can complete the takeover of our IP block. They want to put in a relay server to do this, but we're struggling to get it working and I was hoping maybe I could just do it at the gateway instead.
Is this possible?
Thanks in advance.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @acsupport,
I'm not clear about the topology. If you want to forward all Internet traffic to another location, IPsec VPN will be a good option. Please refer to https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/520377/ipsec-vpns
Regards,
Hi @hbac
Behind my Fortigate, I have several devices that are targets of some port forwarding rules. This new company has their own devices that they would like to use to process the traffic that's currently coming into me. Normally, they would put in a relay server that I would set as the new target for the port forwarding rules, and it would take the data and send it back to their IP. I was hoping I could do the same thing on my 50E, in lieu of their relay server. Think port forwarding but sending it to an external IP rather than an internal one.
Does that make things clearer?
Thanks for your reply!
Hi @acsupport,
You can change port forwarding setting to an external IP instead of internal but you need to change the policy as well.
It is possible to setup a site to site IPsec tunnel between you and the new company, and change the port forwarding rule to forward traffic to internal IP addresses behind the new company.
Regards,
Hi @hbac
Do you have instructions or a link to instructions on how to do this? It sounds like exactly what I need (relaying data to another IP).
Thanks!
Hi @acsupport,
I'm not sure if I understand what you are trying to achieve. Are you trying to relay the date over the Internet or over an IPsec VPN? Please provide a network diagram if possible.
Regards,
I don not think there is any kind of traffic relay on FortiGate. What we can try is create a site-site Ipsec VPN and passing all traffic to the other side. Please refer to this document for more detail "https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/202791/site-to-site-vpn"
Regards,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.