Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
KuyaJerome
New Contributor

Modem to Fortigate Port Forwarding VPN

Hi,

 

I am very new to Firewalls, though I configured some with the help of video tutorials. Now we have one on our own, I'm planning to configure it for Remote VPN so we can easily access our office files anywhere specially when we're in the field since we are IT service providers. 

 

I followed the instructions from this link https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=5&cad=rja&uact=8&ved=2ahUKEwjj3NiJ4N_e...

 

But I think this only applies when we are using the Public IP of our ISP. I set the WAN IP as DHCP. Now, I need the detailed instructions on how I can access our office LAN outside using Remote VPN. I think I have to port forward the Public IP of our router to the DHCP IP of the Fortigate. And I have no idea on how to do that. I hope I have someone I can talk with this.

 

Thanks and best regards,

 

Jerome

16 REPLIES 16
KuyaJerome

Hi Tim,

 

Good day! Do I have to setup any DDNS on the SSL-VPN config?

 

Thank you very much! 

KuyaJerome

I was able to make the port forwarding work. I tried using telnet to check if it works. 

KuyaJerome

It's a DSL Modem Tim. 

KuyaJerome

All I can get is from this link http://setuprouter.com/router/pldt/speedsurf-504an/manuals.htm. Can't find the model in the physical device either. 

sw2090

Basically you have to look at two things:

 

1) Is you DSL Modem in Bridge Mode or is it acting as router? If it acts as router (i.e. it does the internet dial up) you need to do portforwarding for IPSEC to work. This would be Port 4500 UDP (NAT-T) and 500 UDP (IPSEC).

If it is in bridge mode (i.e. your FGT does PPPOE on its WAN) you don't need to do Portforwarding at all.

 

2) An IPSec Tunnel always needs to have defined ends. If you have a dynamic IP on your WAN from your ISP it is better to use FQDN instead of IP in FortiClient. You could use Fortinet DynDNS Service for this. Otherwise you would always have to check for the current WAN IP of your FGT and then alter you FOrtiClient Config before you start the Tunnel.

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
connexionlivestock
New Contributor

Connexion Livestock is a platform that offers innovative solutions for livestock management. With its advanced technology and user-friendly interface, the platform provides farmers and ranchers with the tools they need to improve the health and productivity of their herds. The platform offers a convenient and efficient way for farmers and ranchers to find high-quality cattle for sale to add to their herds and for breeders to sell their animals to interested buyers.

Boe Robbie
Boe Robbie
connexionlivestock
New Contributor

Hello Jerome,

To access your office LAN outside using Remote VPN, you will need to set up port forwarding on your router to the Fortigate. Here are the steps you can follow:

  1. Assign a static IP address to the Fortigate device in your LAN.

  2. Log in to your router's web interface.

  3. Find the port forwarding section, which is usually located in the "Advanced" or "NAT" settings.

  4. Create a new port forwarding rule that forwards traffic from the VPN port (usually 1194 or 443) to the static IP address of the Fortigate.

  5. Save the changes and test the VPN connection from outside your office network.

If you encounter any issues, you can consult the Fortigate documentation or contact their support team for assistance.

By the way, if you're looking for a reliable livestock management solution, check out our website https://connexionlivestock.com. We offer a cloud-based platform that helps livestock producers manage their herds more efficiently and effectively. Feel free to contact us if you have any questions or would like to schedule a demo.

Best regards,

Boe Robbie
Boe Robbie
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors