hi
I have a virtualised firewall at home with a private network 192.168.0.0/24 like everyone else who has an internet contract.
I want to set up a ssl vpn in my house.
I have not bought a public ip I want to be able to do it without buying it.
Kind regards
@yennal
As per this moment there is no way to do that.
You need a public IP so that your clients know where to connect, or how to reach out to your FortiGate.
hi
I have not bought the public ip but I do have a public ip associated to my network because I have contracted an isp and they provide me with internet access but I cannot configure that public ip in the firewall and I want to know how to redirect the incoming ssl traffic from that public ip of the isp (for example Telefonica) to my private network.
@yennal
This redirection is done only by ISP that will allow a specific por to be sent to your private IP.
Saying that, all requests that go to ISPs public IP on port X (for example on port 15443) will be redirected to your private IP.
You can ask them to allocate one specific port for you, and you can then configure SSLVPN to use that particular port.
Hi yennal,
I understand that you are using an internet network from an ISP but you do not have public IP provided by ISP.
Now in this situation, if the upstream ISP is providing fix/static public IP for your network you can ask the ISP to do the one-to-one IP NAT from their end.
From the firewall end, we do not have any control on public IP provided by ISP. For SSL VPN to work the traffic should hit the firewall on sslvpn listening interface and ssl vpn port. The IP available on the firewall interface is in the range 192.168.0.0/24, which is a private IP and not routable on the Internet. You can validate with your ISP if they can provide you with a static IP and if they can do NAT for you so that you will use that IP for SSLVPN.
Kind Regards
Hi @yennal,
You can ask your ISP to perform port forwarding to forward traffic on SSLVPN port for example (10443) to your internal IP address.
Regards,
Hi @yennal,
You can connect your ISP directly to your modem rather than via modem provided by your ISP.
Regards
Rajan
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.