OK, I just upgraded my Verizon FIOS to a block of five fixed IPs. Their documentation is nonexistent but I think I've got a handle on it. I want to have two Web servers behind the Fortigate. So here's how I think it should work:
The Verizon ActionTec router uses 192.168.16.x on its LAN side. It's programmed to forward {IP 1}:80 to 192.169.16.16 and to forward {IP 2}:80 to 192.168.16.32.
My Fortigate 50b (MR6 patch 4) has both WAN interfaces connected to the LAN side of the ActionTec. WAN1 is set up as 192.168.16.16/255.255.255.224. WAN2 is set up as 192.168.16.32/255.255.255.0. (Is 255.255.255.31 a valid netmask?).
I have a static route (IP 0.0.0.0/0.0.0.0 gateway 192.168.16.1 device WAN1 distance 10) and port forwarding and everything set up on WAN1, so the existing Web server is working properly. Now I want to set up the same for WAN2 and the second web server. Obviously I want to forward WAN2:80 to the second web server. I bet I need a firewall policy for internal->WAN2 that accepts everything.
Do I set up a static route for IP 0.0.0.0/0.0.0.0 gateway 192.168.16.1 device WAN2 distance 10? Or what? Is that all I need?
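The netmask question and the two WAN addresses in the post can be checked mechanically. The following is an added example, not part of the original post: it tests whether a dotted-quad mask is contiguous and reports which connected subnets the posted WAN1/WAN2 settings produce. The function names and the `POSTED` dictionary are assumptions made for this illustration.

```python
import ipaddress

def is_valid_netmask(mask: str) -> bool:
    """True if the mask is a run of 1-bits followed only by 0-bits."""
    m = int(ipaddress.IPv4Address(mask))
    inverted = ~m & 0xFFFFFFFF
    # A contiguous mask inverts to 2**k - 1, so adding 1 clears every set bit.
    return (inverted & (inverted + 1)) == 0

def check_interfaces(interfaces: dict, gateway: str) -> dict:
    """Derive each interface's connected subnet, list overlapping pairs,
    and list the interfaces whose subnet contains the gateway."""
    gw = ipaddress.IPv4Address(gateway)
    nets = {
        name: ipaddress.ip_interface(f"{ip}/{mask}").network
        for name, (ip, mask) in interfaces.items()
    }
    names = sorted(nets)
    overlaps = [
        (a, b)
        for i, a in enumerate(names)
        for b in names[i + 1:]
        if nets[a].overlaps(nets[b])
    ]
    return {
        "networks": {n: str(nets[n]) for n in names},
        "overlaps": overlaps,
        "gateway_on": [n for n in names if gw in nets[n]],
    }

# Values as written in the post (interface name -> (address, netmask)).
POSTED = {
    "WAN1": ("192.168.16.16", "255.255.255.224"),
    "WAN2": ("192.168.16.32", "255.255.255.0"),
}

if __name__ == "__main__":
    for mask in ("255.255.255.224", "255.255.255.0", "255.255.255.31"):
        print(mask, "valid" if is_valid_netmask(mask) else "not a valid netmask")
    report = check_interfaces(POSTED, "192.168.16.1")
    print(report["networks"])
    print("overlapping subnets:", report["overlaps"])
    print("gateway is on-link for:", report["gateway_on"])
```

With the posted values, both interfaces end up with connected subnets that overlap and both see the gateway as on-link, which is the condition to look at before adding a second default route.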