Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
StevenT
New Contributor III

external access using RDP into fortigate in the loopback

Hi,

 

has anyone try before using RDP to access back into the server within a fortigate?

using noip fqdn address as the RDP. while created a loopback interface for the wan port as it only had one public static IP address. 

Will it works? Below is the configuration set.

 

port1 role - WAN

 

policy
incoming int- "port 1" "loop"
outgoing int- "internal"
source- "all"
Destination- "VIP"
service all
nat disabled

 

VIP
int "port 1"
External "public static ip"
IPv4 192.168.50.222
Port Forwarding
external port 9100
ipv4 port 3389

1 Solution
distillednetwork
Contributor III

You should be able to create  VIP using the Fortigate's static WAN IP and then create a firewall policy that has a source interface of where the clients are and a destination interface of where the server is with the destination being the VIP address.  If they are on the same port it could be the source int internal destination int internal and the desntaiton is the vip.

 

This is often referred to as Hairpining:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-Hairpin-NAT-VIP/ta-p/195448

 

View solution in original post

2 REPLIES 2
distillednetwork
Contributor III

You should be able to create  VIP using the Fortigate's static WAN IP and then create a firewall policy that has a source interface of where the clients are and a destination interface of where the server is with the destination being the VIP address.  If they are on the same port it could be the source int internal destination int internal and the desntaiton is the vip.

 

This is often referred to as Hairpining:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-Hairpin-NAT-VIP/ta-p/195448

 

StevenT

Thanks. Shall try it out.

Labels
Top Kudoed Authors