Welcome to WebProNews Breaking eBusiness and Search News
Advertise | Newsletter | Sitemap | News Feeds News Feed 
 WebProNews Search Part of the iEntry network iEntry inc. 

Fortinet Firewall Virtual IPs

A.P. Lawrence
Expert Author
Published: 2007-04-23

WebProNews RSS Feed


I found this a little confusing, so am documenting it here in case you run into the same problem.

The first task is to define a virtual IP. You give it a name, and its interface is "wan1" (or "wan2" of course). It's Static NAT, and unfortunately you apparently have to enter an actual IP.

I have a DHCP assigned WAN, which will change whenever there is a power failure, so I had hoped to be able to use 0.0.0.0 (for any address), but that didn't work for me.

The mapped IP is the internal address you want to go to.

In my case, this was a machine in the DMZ, so my first thought was that a WAN1 to DMZ policy was all that would be needed but that's not the case: you need to specifically include the VIP name in the "Address Name".

In my case, the whole thing ended up looking like this:

config firewall vip

edit "Linuxvip"

set extip 72.74.91.107

set mappedip 10.10.10.2

set extintf "wan1"

next

end

...

config firewall policy

set srcintf "wan1"

set dstintf "dmz"

set srcaddr "all"

set dstaddr "Linuxvip"

set action accept

set schedule "always"

nameset service "SSH"

next

*Originally published at APLawrence.com

View All Articles by A.P. Lawrence



Receive Our Daily Email of Breaking eBusiness News

About the Author:
A.P. Lawrence provides SCO Unix and Linux consulting services http://www.pcunix.com

WebProNews RSS Feed

More Expert Articles Articles

Contact WebProNews
Advertisement





TOP NEWS

WebProBlog
The official blog of WebProNews.

Go to WebProBlog

Targeted Information for Business
WebProNews is part of the iEntry network
Internet Business: Marketing: Small Business:
WebProNews MarketingNewz SmallBusinessNewz
WebProWorld AdvertisingDay PromoteNews
EcommNewz SalesNewz EntrepreneurNewz

Software: Search Engines: Web Design:
WebMasterFree Jayde B2B DesignNewz
NetworkingFiles SearchZA FlashNewz
SecurityConfig SearchNewz WebSiteNotes

Developer: IT Management: Security:
DevWebPro ITManagement SecurityProNews
DevNewz SysAdminNews SecurityConfig
TheDevWeb NetworkingFiles NetworkNewz
The iEntry Network consists of over 100 web publications reaching millions of Internet Professionals. Contact us to advertise.
eBUSINESS RESOURCES






 Advertise | Contact Us | Corporate | Newsletter | Sitemap | Submit an Article | News Feeds
 WebProNews is an iEntry, Inc. ® publication - $line) { echo $line ; } ?> All Rights Reserved
WebProWorld
Ten most recent posts.


SearchBrains.com
NetworkingFiles
Featured Software


About WebProNews
WebProNews is the number one source for eBusiness News. Over 5 million eBusiness professionals read WebProNews and other iEntry business and tech publications.

WebProNews provides real-time coverage of internet business.

Free Email Newsletters:
WebProNews SearchNewz
WebProWorld DevWebPro
Marketing SecurityNews
Plus over 100 other newsletters!

Send me relevant info on products and services.


iEntry.com WebProWorld RSS Feed WebProWorld Contact WebProNews Print Version Email a friend Bookmark us SearchBrains.com SearchBrains RSS Feed