Solved

Fortigate Port Forwarding

Posted on 2015-02-05
7
119 Views
Last Modified: 2015-02-12
Hi Experts,

I have a webserver behind my fortigate 200b and I want to make port translation to the web.
I have done exact this manual
http://docs-legacy.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Firewall/cb-firewall-dnat1.html

But it is not working, but on the sniffer I can see the packets.
Why I cannot see the webpage from outside ?
0
Comment
Question by:Eprs_Admin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 5

Expert Comment

by:Joey Yung
ID: 40592750
What is the sniffer result? Any "ack" reply on it?

Also, you can enable the logging of that policy, and trace the result from the logging
0
 
LVL 8

Expert Comment

by:myramu
ID: 40593028
Hi,

I assume gateway on web server is not FortiGate, because of this you can't access the page from internet. Can you enable nat on that VIP policy and verify?

Good Luck!
0
 

Author Comment

by:Eprs_Admin
ID: 40593329
The sniffer comes out with ACK and SYN.
This should be fine right ?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Eprs_Admin
ID: 40593341
on the policy I can see send packets -> over 130 packets sent.
This is the incoming policy -> WAN-LAN
0
 
LVL 8

Accepted Solution

by:
myramu earned 250 total points
ID: 40595580
Hi,

Can you confirm by referring the below article, your configuration is correct?
http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD30491

Good Luck!
0
 
LVL 5

Assisted Solution

by:Joey Yung
Joey Yung earned 250 total points
ID: 40597762
Alright, seems everything looks good. Better to check the event log to make sure the access is allowed. Did you try to access the webpage internally? Any other host based firewall on that web server?
0
 

Author Comment

by:Eprs_Admin
ID: 40607391
Yes the config was correct.
The website was working internally.

The problem was something with the external IP address.

SOLVED.

Thanks
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
In threads here at EE, each comment has a unique Identifier (ID). It is easy to get the full path for an ID via the right-click context menu. However, we often want to post a short link within a thread rather than the full link. This article shows a…
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question