Solved

Fortigate Port Forwarding

Posted on 2015-02-05
7
111 Views
Last Modified: 2015-02-12
Hi Experts,

I have a webserver behind my fortigate 200b and I want to make port translation to the web.
I have done exact this manual
http://docs-legacy.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Firewall/cb-firewall-dnat1.html

But it is not working, but on the sniffer I can see the packets.
Why I cannot see the webpage from outside ?
0
Comment
Question by:Eprs_Admin
  • 3
  • 2
  • 2
7 Comments
 
LVL 4

Expert Comment

by:Joey Yung
ID: 40592750
What is the sniffer result? Any "ack" reply on it?

Also, you can enable the logging of that policy, and trace the result from the logging
0
 
LVL 8

Expert Comment

by:myramu
ID: 40593028
Hi,

I assume gateway on web server is not FortiGate, because of this you can't access the page from internet. Can you enable nat on that VIP policy and verify?

Good Luck!
0
 

Author Comment

by:Eprs_Admin
ID: 40593329
The sniffer comes out with ACK and SYN.
This should be fine right ?
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 

Author Comment

by:Eprs_Admin
ID: 40593341
on the policy I can see send packets -> over 130 packets sent.
This is the incoming policy -> WAN-LAN
0
 
LVL 8

Accepted Solution

by:
myramu earned 250 total points
ID: 40595580
Hi,

Can you confirm by referring the below article, your configuration is correct?
http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD30491

Good Luck!
0
 
LVL 4

Assisted Solution

by:Joey Yung
Joey Yung earned 250 total points
ID: 40597762
Alright, seems everything looks good. Better to check the event log to make sure the access is allowed. Did you try to access the webpage internally? Any other host based firewall on that web server?
0
 

Author Comment

by:Eprs_Admin
ID: 40607391
Yes the config was correct.
The website was working internally.

The problem was something with the external IP address.

SOLVED.

Thanks
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you come here a lot? Are you lazy like me and don't want to go through the "trouble" of having to click your Dock's Safari icon and then having to click your Experts Exchange Favorites bookmark to get here? Well then this article is for you.
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question