Hi, I'm new with the fortinet router so I hope you can help me. I want open ports for access our cameras from outside, and I saw the video of port forwarding for do it, I followed it but it doesn't work. I was checking the configuration and I have one doubt. In the configuration of the interface wan that I want to use, I have this configuration:
The ip that use it is correct? It supposed that ip takes it from our dsl. May be is a silly thing, but like I said I'm new on this.
The IP address that your FG60D has is a private IP address and will not be accessible from the internet. Your ADSL modem that is sitting infront of the FG60D has the real public 'internet' IP address that you need to use (log into the modem to see what it is).
The easiest way to get around this is to place your ADSL modem in 'bridge mode', and then change the FG60D wan2 port to be PPPOE and input your accounts username/password. This way the internet IP address will be on the WAN2 interface.
Failing that the other option is to port forward from your ADSL modem to your FG60D. Some modems have a feature called 'DMZ mode' which will forward all traffic to an internal IP address. In this instance you'd set the DMZ IP address to be the FG60D IP.
@Neonbit: Can you please explain me how to put a Router in a bridge mode so we have the public IP on WAN2?
Do you have any diagram explaining this? I have been managing around 30 Fortigate firewalls and would like to understand it bit better. I have been doing it the DMZ way but would also like to crack the bridge mode as well.
Any help or doc will be much appreciated. Also, please keep in mind that we have regular ADSL or VDSL routers front of Fortigate. Thanks
Each modem vendor has their own way of configuring bridge mode. I would suggest googling your model number plus 'bridge mode'. For example to configure bridge mode on a dlink you would do this.
I've uploaded a diagram of what your current network looks like (from my understanding) and what it would look like once you enable bridge mode on the modem and terminate the PPPOE session on the FG60D. You can see it's alot less complicated.
I deploy all my remote sites in this method as the FG60D can handle alot more sessions than the modem, and if the modem ever blows up I can just send a replacement with bridge mode enabled (or keep one onsite as a spare).
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.