Solved

Fortigate Port Forwarding

Posted on 2015-02-05
7
115 Views
Last Modified: 2015-02-12
Hi Experts,

I have a webserver behind my fortigate 200b and I want to make port translation to the web.
I have done exact this manual
http://docs-legacy.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Firewall/cb-firewall-dnat1.html

But it is not working, but on the sniffer I can see the packets.
Why I cannot see the webpage from outside ?
0
Comment
Question by:Eprs_Admin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 5

Expert Comment

by:Joey Yung
ID: 40592750
What is the sniffer result? Any "ack" reply on it?

Also, you can enable the logging of that policy, and trace the result from the logging
0
 
LVL 8

Expert Comment

by:myramu
ID: 40593028
Hi,

I assume gateway on web server is not FortiGate, because of this you can't access the page from internet. Can you enable nat on that VIP policy and verify?

Good Luck!
0
 

Author Comment

by:Eprs_Admin
ID: 40593329
The sniffer comes out with ACK and SYN.
This should be fine right ?
0
Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

 

Author Comment

by:Eprs_Admin
ID: 40593341
on the policy I can see send packets -> over 130 packets sent.
This is the incoming policy -> WAN-LAN
0
 
LVL 8

Accepted Solution

by:
myramu earned 250 total points
ID: 40595580
Hi,

Can you confirm by referring the below article, your configuration is correct?
http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD30491

Good Luck!
0
 
LVL 5

Assisted Solution

by:Joey Yung
Joey Yung earned 250 total points
ID: 40597762
Alright, seems everything looks good. Better to check the event log to make sure the access is allowed. Did you try to access the webpage internally? Any other host based firewall on that web server?
0
 

Author Comment

by:Eprs_Admin
ID: 40607391
Yes the config was correct.
The website was working internally.

The problem was something with the external IP address.

SOLVED.

Thanks
0

Featured Post

Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Introduction If you're like most people, you have occasionally made a typographical error when you're entering information into an online form.  And to your consternation, the browser remembers the error, and offers to autocomplete your future entr…
I annotated my article on ransomware somewhat extensively, but I keep adding new references and wanted to put a link to the reference library.  Despite all the reference tools I have on hand, it was not easy to find a way to do this easily. I finall…
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question