Hello, thanks for your time in reading my message.
Maybe I have not enough experience with Fortigate. I'm trying to create a Virtual IP where from one external IP to two differents mapped IP in my LAN.
I don't know if this is possible as I receive an error when I define range.
Please, see attached image for clarity and thanks again for helping
Regards
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
You will need a load-balance type VIP, which isn't selectable from the GUI, so this needs to be configured in the CLI:
config firewall vip
edit "wwewe"
set type load-balance
set extintf any
set extip 195.55.255.150
set mappedip 192.168.10.55-192.168.10.59
set portforward enable
set protocol udp
set extport 2000
set mappedport 2000
end
Type Static NAT means its one to one mapping. The number of address in External IP address/range should be equal to the Mapped IP address range.
Thats the reason for the error you are seeing.
For the configuration you are trying, it looks like load balancing . Are you trying to load balance traffic hitting on 195.55.255.150 port 2000 to 192.168.10.55-192.168.10.59 ? If so please check the following article https://community.fortinet.com/t5/FortiGate/Technical-Tip-Setting-up-a-VIP-load-balance-with-HTTP-ho...
Thank you for your reply Suraj.
Actually, I think it's simpler since my intention is to open port 2001 to two computers, without the need for load balancing. Maybe I'm taking the wrong path.
Thanks again
You can achieve this using the virtual server instead of port forwarding:
https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/713497/virtual-server
Here you can define one external IP and two real servers and configure load balancing as per your requirement
You will need a load-balance type VIP, which isn't selectable from the GUI, so this needs to be configured in the CLI:
config firewall vip
edit "wwewe"
set type load-balance
set extintf any
set extip 195.55.255.150
set mappedip 192.168.10.55-192.168.10.59
set portforward enable
set protocol udp
set extport 2000
set mappedport 2000
end
Hi pminarik
Thanks, I'll test it and give feedback
Regards
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1662 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.