Hi All,
I'm in the process of migrating from a Sonicwall to a FortiGate and I have come up against a NAT setting on the Sonicwall that I'm not too sure how to recreate on the FortiGate.
On the Sonicwall I have several NAT policies that will do for example.
Translate ports that are not in a range or sequential, but are members of Service group.
E.g.
Public IP | Outside Port/Service Group | Private IP | Inside Port/Service |
1.2.3.4 | PhoneSystemPorts | 192.168.1.10 | PhoneSystemPorts |
Service Group: PhoneSystemPorts
Members:
PhoneSystemPort1 : TCP 80
PhoneSystemPort2 : TCP 8000
Is this possible to recreate with Virtual IPs, Optional Filters and Services?
Do I just leave the Port Forward option switched off?
Or do I need to create multiple ViPs to recreate this?
Any advise welcome.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
If there is no TCP Port translation, you can use the Service Option.
You may refer to below guide.
https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/446182/virtual-ip-with-services
https://community.fortinet.com/t5/FortiGate/Virtual-IP-with-services/ta-p/199427
If there is TCP Port translation, you need to have multiple Virtual IP and enable Port Forwarding.
After that create Virtual IP Group.
https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/155333/virtual-ips-with-port...
**If you come across a resolution, kindly show your appreciation by liking and accepting it, ensuring its accessibility for others**
If there is no TCP Port translation, you can use the Service Option.
You may refer to below guide.
https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/446182/virtual-ip-with-services
https://community.fortinet.com/t5/FortiGate/Virtual-IP-with-services/ta-p/199427
If there is TCP Port translation, you need to have multiple Virtual IP and enable Port Forwarding.
After that create Virtual IP Group.
https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/155333/virtual-ips-with-port...
**If you come across a resolution, kindly show your appreciation by liking and accepting it, ensuring its accessibility for others**
I've just tested this and it works.
https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/446182/virtual-ip-with-services
https://community.fortinet.com/t5/FortiGate/Virtual-IP-with-services/ta-p/199427
Great stuff thanks.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1561 | |
1034 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.