We have a range of IP's given by the ISP, we have 3 servers which are configured with Live IP's.
We can forward the traffic for 25,110,143 etc to the server via VIP but we have two mail servers that are distinctly separate and the forwarding can only be done from WAN1 to VIP.
Can I specify which of the IP's on the WAN1 port are forwarded ?
Welcome to the forums.
You can map all of your public (WANx) addresses to VIPs on the interface. Additionally, if you know it's only a mail server, you can port forward the VIP so that other servers on different ports can also come in on the IP address. For example, at my home, I have my web server, FTP/SFTP server, radio server, and file sharing servers on a single IP address. There are three unique servers/appliances handling these tasks on the private side of things. I only have a single IP address.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Use one VIP for each public IP you've got. Either as 1:1 or port-forwarding.
If you wanted to use the same public IP address for 2 internal servers you would have to use different destination ports for each, like SMTP port 25 and SMTP port 587. Or HTTPS (p443) for OWA, and a custom HTTPS on p30443.
Maybe you could clarify what your goal is.
Not sure if I understand your question but why don't you just bind the VIP to use interface WAN1? I assume you have it set to ANY if it's currently forwarding all interface traffic.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.