Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Fortigate Port Forwarding

Posted on 2015-02-05
7
112 Views
Last Modified: 2015-02-12
Hi Experts,

I have a webserver behind my fortigate 200b and I want to make port translation to the web.
I have done exact this manual
http://docs-legacy.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Firewall/cb-firewall-dnat1.html

But it is not working, but on the sniffer I can see the packets.
Why I cannot see the webpage from outside ?
0
Comment
Question by:Eprs_Admin
  • 3
  • 2
  • 2
7 Comments
 
LVL 4

Expert Comment

by:Joey Yung
ID: 40592750
What is the sniffer result? Any "ack" reply on it?

Also, you can enable the logging of that policy, and trace the result from the logging
0
 
LVL 8

Expert Comment

by:myramu
ID: 40593028
Hi,

I assume gateway on web server is not FortiGate, because of this you can't access the page from internet. Can you enable nat on that VIP policy and verify?

Good Luck!
0
 

Author Comment

by:Eprs_Admin
ID: 40593329
The sniffer comes out with ACK and SYN.
This should be fine right ?
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 

Author Comment

by:Eprs_Admin
ID: 40593341
on the policy I can see send packets -> over 130 packets sent.
This is the incoming policy -> WAN-LAN
0
 
LVL 8

Accepted Solution

by:
myramu earned 250 total points
ID: 40595580
Hi,

Can you confirm by referring the below article, your configuration is correct?
http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD30491

Good Luck!
0
 
LVL 4

Assisted Solution

by:Joey Yung
Joey Yung earned 250 total points
ID: 40597762
Alright, seems everything looks good. Better to check the event log to make sure the access is allowed. Did you try to access the webpage internally? Any other host based firewall on that web server?
0
 

Author Comment

by:Eprs_Admin
ID: 40607391
Yes the config was correct.
The website was working internally.

The problem was something with the external IP address.

SOLVED.

Thanks
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
FireFox Add-on Plugins 2 30
WebSite Direction 1 54
Cisco ASA 3 34
Can't enable Flash on Chrome 32 Windows 7 any more 2 25
Article by: kevp75
Hey folks, 'bout time for me to come around with a little tip. Thanks to IIS 7.5 Extensions and Microsoft (well... really Windows 8, and IIS 8 I guess...), we can now prime our Application Pools, when IIS starts. Now, though it would be nice t…
Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question