Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
piacas
New Contributor III

Virtual IP doesn't show up in list

Running v5.6.2, created a VIP under DNAT & Virtual IP's with a port forward.

Create a new policy and when select destination, the VIP isn't listed, only addresses. I made for interface setting in VIP and poicy are the same for incoming. Anyone seen this? I've made VIP's in 5.4/5.2 the same way and worked fine....

 

 

 

Thx

Dave

11 REPLIES 11
zeromahesh

Hi Guys,

 

Please note that when Central SNAT is enabled not only Source NAT is handled by central table but also Destination NAT also handled by a central table...

 

What you have to do is, once Central SNAT is enabled, just create DNAT/Virtual IP mapping and then create security policy with destination address of the actual server IP, not the VIP.

MikePruett

If you did port forwarding you may need it tied to a specific port (if you left the external ip as 0.0.0.0). Did you leave it as "any" when creating the VIP?

Mike Pruett Fortinet GURU | Fortinet Training Videos
Top Kudoed Authors