Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Fortigate as a portforwarder from internal to external



Is it possible to use a fortigate as a portforwarder like:


internal ip port 30001 => external ip port 22


I wan to replace a linux silution with socat with a fortigate firewall. 

Maybe someone has an example how to configurate such a fortigate ?


Kind regards Edwin

Contributor II

Sure, is his job. You can use the VIP (Virtual IP) to publicate the internal service listening on port 30001 and external on port 22.

New Contributor

I understand the use of a vip (virtual ip), but this is used when i need access to an internal source from the internet.


The socat utility is a relay for bidirectional data transfers between two independent data channels.

So i need a kind of vip / proxy to portforward from internal tot external not external to internal.


example tcp 30001 => public ip1 tcp 22 tcp 30002 => public ip2 tcp 443 tcp 30003 => public ip3 tcp 443



Contributor II

You can enable Central SNAT:

config system settings set central-nat enable


View this url and find "To create central SNAT using the GUI:" https://www.fortinetguru....olicy-with-source-nat/

Top Kudoed Authors