Hi
I tried several times reading about how NAT works in Fortigate, but it doesnt work.
FortiGate 60F, firmware 7.2.8 build 1693.
I found many guides using "IPv4 policy", but this is not present in my "Policy & Objects" menu, I think maybe different firmware.
So I create Virtual IPs I need, then I create firewall policies from wan to virtual ip.
But it doesn'n works, i presume i made something wrong o I didn't do at all something that is necessary.
I am new in FortiGate, coming from other manifacturer products, any help is welcome.
Edit: I add some informations may help:
System is in NAT mode.
Gateway is a modem/router Fritz, and Fortigate is in DMZ on it.
Activating https admin on wan interface, it is reachable from internet.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi
In your VIP, try put the actual WAN IP instead of 0.0.0.0.
Thank you.
Tryed
Doesn't work.
In your firewall rule you should disable NAT.
Created on 07-29-2024 06:54 AM Edited on 07-29-2024 06:56 AM
This way do you mean?
It's still not working (for test I redirect port 13389 on 3389 of a pc whith RD active)
I see a little increase of traffic in the column "bytes"
Yes I mean this way. You don't need to do SNAT when you do DNAT as you your client will not know the real source address.
The config seems ok. Can you share the related traffic log?
Also the below command output while you try access from outside:
diag sniffer packet any "host x.x.x.x" 4
Where x.x.x.x is the client IP on the WAN.
Hi
Thank you for your accurate answers.
I am a little confused now: i just put anything as it was from beginning, to restart from a known situation. Well everyting seems to work fine! With or withoun NAT enabled.
It is god, but i have not undertood which problem it was anfd I have two more devices to put in production.
It a great thing having such a forum to count on, anywhay.
Thank you a lot
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1662 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.