SOLVED:
Was able to add additional VIP's through CLI to the same internal IP Fails in Gui with ("Conflicts with the External IP of another VIP")
For reference:
config firewall vip edit "Second 1.1.1.1 VIP" set extip 1.1.1.1 set extintf "wan interface" set portforward enable set mappedip 10.1.1.226 set extport 443 set mappedport 443 next end
Original post:
I'm trying to set up a policy to forward port 80 to 8080 and allow 443 from a WAN port to 10.1.1.226
If I setup a VIP to send any incoming port 80 traffic to 8080 it works as expected.
If I use a VIP to allow all traffic from WanX to 10.1.1.226 and make a service with source port 80 destination port 8080 and add https service to the rule. The https traffic works, but the service to forward 80 to 8080 does not.
Also tried VIP with services of HTTPS and my service that is supposed to forward 80 to 8080. Again, https traffic works, but I can't get to port 8080 from 80.
What am I missing? TIA.
Edit:
Firmware v6.2.3 build1066 (GA)
When trying to add a VIP that uses the same IP's we get that red error: "Conflicts with the External IP of another VIP"
Looks like others have had the same issue with similar firmware. I'll try some CLI and see if I get the same results.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.