- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Forward same port to different IP destination
Hello,
I just have a little question, i would like to forward same port to multiple destination IP.
Exemple from WAN1 to 192.168.1.100 and 101
- PORT 50001 forwarding to ip 192.168.1.100 (destination ip).
- PORT 50001 forwarding to ip 192.168.1.101
I can create Virtual Ip for the first port forwarding. If i create a second virtual ip to the second IP destination i have this message :
A duplicate entry already exists.
Can you help me please ?
Thanks in advance.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello and welcome to the forums.
This is not possible with VIPs. You have either to use load balancing or other ports. Best
________________________________________________________
--- NSE 4 ---
________________________________________________________
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This would be called 'mirroring' as the device would have to duplicate the traffic in order to forward it to 2 destinations. How would the reply traffic be routed? To the first, or to the second address?
IMHO your plan needs rethinking. As posted, this is not doable - in FortiOS, or any other firewall.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your responses.
Yes, maybe the best things is to configure differents ports for each IP. I my case, this is 2 Servers not configured by me, the installator give me this recommandations. I ask him to change port on one server :)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If need be, you can leave the internal port as they are, only changing one of the ports on the "outside"
e.g.
- PORT 50001 forwarding to ip 192.168.1.100:50001 - PORT 50002 forwarding to ip 192.168.1.101:50001
flyinstar wrote:[...] I ask him to change port on one server :)
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C