?
Solved

Fortigate Port Forwarding

Posted on 2015-02-05
7
Medium Priority
?
141 Views
Last Modified: 2015-02-12
Hi Experts,

I have a webserver behind my fortigate 200b and I want to make port translation to the web.
I have done exact this manual
http://docs-legacy.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Firewall/cb-firewall-dnat1.html

But it is not working, but on the sniffer I can see the packets.
Why I cannot see the webpage from outside ?
0
Comment
Question by:Eprs_Admin
  • 3
  • 2
  • 2
7 Comments
 
LVL 5

Expert Comment

by:Joey Yung
ID: 40592750
What is the sniffer result? Any "ack" reply on it?

Also, you can enable the logging of that policy, and trace the result from the logging
0
 
LVL 8

Expert Comment

by:myramu
ID: 40593028
Hi,

I assume gateway on web server is not FortiGate, because of this you can't access the page from internet. Can you enable nat on that VIP policy and verify?

Good Luck!
0
 

Author Comment

by:Eprs_Admin
ID: 40593329
The sniffer comes out with ACK and SYN.
This should be fine right ?
0
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

 

Author Comment

by:Eprs_Admin
ID: 40593341
on the policy I can see send packets -> over 130 packets sent.
This is the incoming policy -> WAN-LAN
0
 
LVL 8

Accepted Solution

by:
myramu earned 1000 total points
ID: 40595580
Hi,

Can you confirm by referring the below article, your configuration is correct?
http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD30491

Good Luck!
0
 
LVL 5

Assisted Solution

by:Joey Yung
Joey Yung earned 1000 total points
ID: 40597762
Alright, seems everything looks good. Better to check the event log to make sure the access is allowed. Did you try to access the webpage internally? Any other host based firewall on that web server?
0
 

Author Comment

by:Eprs_Admin
ID: 40607391
Yes the config was correct.
The website was working internally.

The problem was something with the external IP address.

SOLVED.

Thanks
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month14 days, 5 hours left to enroll

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question