Hello everybody,
I have a FortiGate 60F appliance and I have my WAN interface configured with a secondary IP address. Previously, I had only one web server on my local network with ports forwarded from the main WAN IP address to the web server's local IP address and ports.
What i need to do and haven't found anything that could help me in the docs, is to forward all the inbound requests that come through the secondary WAN IP to another web server.
I've tried with a VIP to map the secondary WAN IP address as the external IP and my new web server's local IP and the corresponding firewall policy, but no luck so far.
Is it possible to do this?
Thanks in advance.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
As long as the internet can reach the secondary wan IP, the VIP can use this secondary IP as an external IP. If it doesn't work, I suggest checking the configuration of VIP.
If there is no problem with the configuration, it is recommended to capture packets for analysis:
# diagnose sniffer packet any "host x.x.x.x" 4 0 l
Thanks
Kangming
Hey JdGoe,
in addition to what Kangming mentioned (setting up a VIP to map your external secondary WAN IP to an internal server), you might also want to ensure that your ISP is properly routing the secondary IP and you're receiving requests for the secondary IP in the first place.
The 'diagnose sniffer' command Kangming mentioned can help you see if requests for the public, secondary WAN IP make it to the FortiGate.
If they do, after that further processing is up to the FortiGate policies and VIP configuration.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.