Friday, November 17, 2017

FORTINET PORT FORWARD

Want to port forward someone into your network.  This is how. 
In this example we are port forwarding someone on port 5000 into the network.

1. Creating virtual IP

Go to Policy & Objects -> Objects -> Virtual IPs - Create New -> Virtual IP

This example, we want to open up port 5000 from the external IP of 142.154.2.2 and point it to 192.168.10.5 internally.

Note: doing this doesn't expose the external to internal, were just getting ready, policy will need to be done in step 3.

The "NAME" will be the name that the VIP Group will refer to (step 2).  The VIP group name will be the one that the POLICY and OBJECTS will refer to when you actually open this IP up to the internet.(step 3)




2. Adding virtual IPs to a VIP group

Go to Policy & Objects -> Objects -> Virtual IPs - Create New -> Virtual IP GROUP

Create a VIP group. Under Members, include all three virtual IPs previously created.



3. Creating a security policy

Now you create your IPv4 Policy.

Create a new policy

Enter in the name of this inbound plicy and set the external IP of the network that you want to allow in.

Then select the appropriate OUTGOING interface,
Destination address is the Virtual IP name.



Select OK



No comments:

Post a Comment

Feel free to leave a comment! If you have any information that you think should be included, please do so here and I'll get it added in.