Created on 11-25-2004 12:00 AM Edited on 06-10-2022 02:18 AM By Anthony_E
Article
Description |
This article describes how to set up a FTP server in the DMZ. |
||||||||||||||||||||
Components |
FortiGates. |
||||||||||||||||||||
Steps |
In the web-based manager complete the following steps:
Configure a virtual IP address so that incoming requests for the FTP server are routed correctly. The virtual IP can be included later in an External -> DMZ firewall policy.
To define the virtual IP address for the FTP server.
1) Go to Firewall -> Virtual IP. 2) Select.' Create New'. 3) Select Static NAT. 4) Enter the following information:
5) Select 'OK'.
For FTP access through the DMZ, it is possible to add it alone to a firewall policy. However, it is necessary to add additional services such as PING. Add all services required into a single group for easier configuration.
To add a services group.
1) Go to Firewall -> Service -> Group.
2 Select 'Create New'.
3) Enter a Group Name. For example, FTP_IP.
4) From the Available Services list, select the services to add to the group. For example, add FTP and PING.
5) Select 'OK'.
Create a firewall policy to accept traffic for the specified services.
To create a firewall policy:
1) Go to Firewall -> Policy.
2) Select 'Create New'.
3) Set the following options:
4) Select 'OK'.
After completing these steps, it is possible to ping the FTP address of 1.1.1.155 from outside the firewall. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.