From lan to internal web server

MacquoijSteven · ‎07-27-2022

When I try to connect from behind my firewall (lan) through the url (www.internalwebserver.be) to my internal webserver (with portforwarding) I get a timeout on this connection. When i use the webserver lan IP (ex https://192.168.1.20:1234) there is no problem. (just annoying for the users ;-))

When I connect from a remote location everything works perfectly.
Seems to be a DNS problem but I can't figure it out...
Does anyone have advice or tips where to look in the fortigate configuration?

Thanks in advance!

Fortigate 600E v7.0.5

aionescu · ‎07-27-2022

Hello @MacquoijSteven

Welcome to the community.

Can you try to configure "hairpin" policy like explained here: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-Hairpin-NAT-VIP/ta-p/195448 or

https://docs.fortinet.com/document/fortigate/5.4.0/cookbook/856642/configuring-hair-pinning-on-a-for...

MacquoijSteven · ‎07-28-2022

Thanks for your welcome and your fast reply.

I have checked my VIP and associated policies. The problem is not gone yet but it has something to do with it (since I can suddenly ping). NAT was enabled on the WAN to DMZ rule so i changed that. I keep searching en testing, thanks for the very useful insight!

From lan to internal web server

Nominate a Forum Post for Knowledge Article Creation