Firewall configuration | Virtual IPs |
|
|
6Enter the External IP Address that you want to map to an address on the destination zone.
You can set the external IP address to the IP address of the external interface selected in step 4 or to any other address.
If the IP address of the external interface selected in step 4 is set using PPPoE or DHCP, you can enter 0.0.0.0 for the External IP Address. The FortiGate unit substitutes the IP address set for this external interface using PPPoE or DHCP.
For example, if the virtual IP provides access from the Internet to a server on your internal network, the external IP address must be a static IP address obtained from your ISP for this server. This address must be a unique address that is not used by another host. However, this address must be routed to the external interface selected in step 4. The virtual IP address and the external IP address can be on different subnets.
7Enter the External Service Port number that you want to configure port forwarding for.
The external service port number must match the destination port of the packets to be forwarded. For example, if the virtual IP provides access from the Internet to a web server, the external service port number is 80 (the HTTP port).
8In Map to IP, enter the real IP address on the destination network.
For example, the real IP address could be the IP address of a web server on an internal network.
9In Map to Port, enter the port number to be added to packets when they are forwarded.
If you do not want to translate the port, enter the same number as the External Service Port.
If you want to translate the port, enter the port number to which to translate the destination port of the packets when they are forwarded by the firewall.
10Select the protocol (TCP or UDP) that you want the forwarded packets to use.
11Select OK to save the port forwarding virtual IP.
211 |