Public IP class configuration

Dragos2P · ‎09-04-2017

hello, I have a public IP class routed by my ISP on the wan network. What i want to do is: 1. to configure the Fortigate in order to allow specific IP to go outside (internet) on ports 80, 21, 443 through one public IP from the routed class. For example when i go outside from 192.168.1.10 to use the public IP (from the routed class) 194.102.x.10. If i use any other local ip to go outside throuhg the wan IP. 2. to accept traffic on IPs from the public class and route it to the internal IPs (also with specific ports). 194.102.x.20:80 to redirect to 192.168.1.20:8080 for example. Any ideas how can i configure this two rules? Thenk you in advance

oheigl · ‎09-05-2017

1. Create a rule with the specific internal host as the source address, and configure NAT with an IP pool to the address you mentioned: 194.102.x.10

For the other local clients just configure a normal internal > wan policy with source all and NAT to destination interface. Be sure this policy is below the first one.

2. Create a VIP with the public IP 194.102.x.20 with port forwarding and external service 80 and map port 8080. Create a policy from all hosts and wan > internal with the VIP as destination.

Should be all

Public IP class configuration

Nominate a Forum Post for Knowledge Article Creation