Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
caifan125
New Contributor

port forwarding fortinet 60D

Hi, I'm new with the fortinet router so I hope you can help me. I want open ports for access our cameras from outside, and I saw the video of port forwarding for do it, I followed it  but it doesn't work. I was checking the configuration and I have one doubt. In the configuration of the interface wan that I want to use, I have this configuration:

 

 

The ip that use it is correct? It supposed that ip takes it from our dsl. May be is a silly thing, but like I said I'm new on this.

I will appreciate yout help.

 

Thanks

4 REPLIES 4
neonbit
Valued Contributor

Hi and welcome to the forums!

 

The IP address that your FG60D has is a private IP address and will not be accessible from the internet. Your ADSL modem that is sitting infront of the FG60D has the real public 'internet' IP address that you need to use (log into the modem to see what it is).

 

The easiest way to get around this is to place your ADSL modem in 'bridge mode', and then change the FG60D wan2 port to be PPPOE and input your accounts username/password. This way the internet IP address will be on the WAN2 interface.

 

Failing that the other option is to port forward from your ADSL modem to your FG60D. Some modems have a feature called 'DMZ mode' which will forward all traffic to an internal IP address. In this instance you'd set the DMZ IP address to be the FG60D IP.

Cyber_Guard

@Neonbit: Can you please explain me how to put a Router in a bridge mode so we have the public IP on WAN2?

Do you have any diagram explaining this? I have been managing around 30 Fortigate firewalls and would like to understand it bit better. I have been doing it the DMZ way but would also like to crack the bridge mode as well.

 

Any help or doc will be much appreciated. Also, please keep in mind that we have regular ADSL or VDSL routers front of Fortigate. Thanks

Karan

FCSNA | CCNP | VCP | CCNA | MCITP

Karan FCSNA | CCNP | VCP | CCNA | MCITP
neonbit
Valued Contributor

Each modem vendor has their own way of configuring bridge mode. I would suggest googling your model number plus 'bridge mode'. For example to configure bridge mode on a dlink you would do this.

 

I've uploaded a diagram of what your current network looks like (from my understanding) and what it would look like once you enable bridge mode on the modem and terminate the PPPOE session on the FG60D. You can see it's alot less complicated.

 

I deploy all my remote sites in this method as the FG60D can handle alot more sessions than the modem, and if the modem ever blows up I can just send a replacement with bridge mode enabled (or keep one onsite as a spare).

caifan125
New Contributor

Hi, sorry for delay. Thanks for the help, my problem was the dmz, I configured and all work excelent. Thank for all.

Top Kudoed Authors