Fortinet FortiGate 50A User Manual Page 158
- Page / 272
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
158 Fortinet Inc.
Virtual IPs Firewall configuration
Adding static NAT virtual IPs
To add a static NAT virtual IP
1 Go to Firewall > Virtual IP.
2 Select New to add a virtual IP.
3 Type a Name for the virtual IP.
The name can contain numbers (0-9), uppercase and lowercase letters (A-Z, a-z), and
the special characters - and _. Other special characters and spaces are not allowed.
4 Select the virtual IP External Interface from the list.
The external interface is the interface connected to the source network that receives
the packets to be forwarded to the destination network.
You can set the virtual IP external interface to any FortiGate interface. Ta b le 1 9
contains example virtual IP external interface settings and describes the policies that
you can add the resulting virtual IP to.
5 In the Type section, select Static NAT.
6 Enter the External IP Address that you want to map to an address on the destination
network.
For example, if the virtual IP provides access from the Internet to a web server on a
destination network, the external IP address must be a static IP address obtained from
your ISP for your web server. This address must be a unique address that is not used
by another host and cannot be the same as the IP address of the external interface
selected in step 4. However, this address must be routed to this interface. The virtual
IP address and the external IP address can be on different subnets.
If the IP address of the external interface selected in step 4 is set using PPPoE or
DHCP, you can enter 0.0.0.0 for the external IP address. The FortiGate unit
substitutes the IP address set for this external interface using PPPoE or DHCP.
7 In Map to IP, type the real IP address on the destination network, for example, the IP
address of a web server on an internal network.
8 Select OK to save the virtual IP.
You can now add the virtual IP to firewall policies.
Table 19: Virtual IP External Interface examples
External Interface Description
internal To map an internal address to an external address. If you select internal,
the static NAT virtual IP can be added to Int->Ext policies.
external To map an external address to an internal address. If you select external,
the static NAT virtual IP can be added to Ext->Int policies.
Note: The firewall translates the source address of outbound packets from the host with the
Map to IP address to the virtual IP External IP Address, instead of the firewall external address.
- Installation and 1
- Configuration Guide 1
- Table of Contents 3
- 4 Fortinet Inc 4
- 6 Fortinet Inc 6
- 8 Fortinet Inc 8
- 10 Fortinet Inc 10
- Contents 11
- 12 Fortinet Inc 12
- Introduction 13
- Document conventions 14
- Fortinet documentation 15
- 16 Fortinet Inc 16
- Getting started 17
- Package contents 18
- Mounting 18
- Powering on 19
- 20 Fortinet Inc 20
- 22 Fortinet Inc 22
- 24 Fortinet Inc 24
- Strict content profile 25
- 26 Fortinet Inc 26
- Scan content profile 26
- Web content profile 26
- Unfiltered content profile 27
- NAT/Route mode 27
- 28 Fortinet Inc 28
- Transparent mode 28
- Configuration options 28
- Setup wizard 28
- 30 Fortinet Inc 30
- Next steps 31
- 32 Fortinet Inc 32
- NAT/Route mode installation 33
- 34 Fortinet Inc 34
- Using the setup wizard 35
- 36 Fortinet Inc 36
- FortiGate-50A 37
- Configuring your networks 38
- Completing the configuration 38
- 40 Fortinet Inc 40
- Transparent mode installation 41
- Changing to Transparent mode 43
- 46 Fortinet Inc 46
- General configuration steps 47
- 48 Fortinet Inc 48
- CLI configuration steps 48
- 50 Fortinet Inc 50
- 52 Fortinet Inc 52
- System status 53
- 54 Fortinet Inc 54
- 56 Fortinet Inc 56
- 58 Fortinet Inc 58
- 60 Fortinet Inc 60
- 62 Fortinet Inc 62
- Backing up system settings 64
- Restoring system settings 64
- Changing to NAT/Route mode 66
- Restarting the FortiGate unit 66
- 68 Fortinet Inc 68
- System status System status 69
- Session list 70
- 72 Fortinet Inc 72
- 74 Fortinet Inc 74
- Scheduling updates 76
- Adding an override server 77
- Enabling push updates 78
- 80 Fortinet Inc 80
- 82 Fortinet Inc 82
- Registering FortiGate units 83
- 84 Fortinet Inc 84
- FortiCare Service Contracts 84
- 86 Fortinet Inc 86
- 88 Fortinet Inc 88
- 90 Fortinet Inc 90
- 92 Fortinet Inc 92
- Network configuration 93
- 94 Fortinet Inc 94
- Viewing the interface list 94
- 96 Fortinet Inc 96
- 98 Fortinet Inc 98
- Configuring routing 100
- 102 Fortinet Inc 102
- Configuring the routing table 102
- Policy routing 103
- Configuring DHCP services 104
- Configuring a DHCP server 105
- 106 Fortinet Inc 106
- 108 Fortinet Inc 108
- Configuring modem settings 108
- Disconnecting the modem 109
- 110 Fortinet Inc 110
- Viewing modem status 110
- Backup mode configuration 110
- Standalone mode configuration 110
- 112 Fortinet Inc 112
- RIP configuration 113
- 114 Fortinet Inc 114
- 116 Fortinet Inc 116
- Adding RIP filters 117
- 118 Fortinet Inc 118
- 120 Fortinet Inc 120
- System configuration 121
- Changing system options 122
- 124 Fortinet Inc 124
- Configuring SNMP 125
- 126 Fortinet Inc 126
- 4 Select Apply 127
- 128 Fortinet Inc 128
- FortiGate MIBs 128
- FortiGate traps 129
- General FortiGate traps 129
- System traps 129
- Firewall configuration 131
- Replacement messages 133
- 134 Fortinet Inc 134
- Customizing alert emails 134
- NIDS event 135
- Virus alert 135
- Block alert 135
- 136 Fortinet Inc 136
- 138 Fortinet Inc 138
- Addresses 138
- Services 139
- Schedules 139
- Content profiles 139
- Adding firewall policies 140
- 142 Fortinet Inc 142
- VPN Tunnel 142
- Traffic Shaping 142
- Authentication 143
- Anti-Virus & Web filter 143
- Configuring policy lists 144
- Policy matching in detail 145
- Adding addresses 147
- 148 Fortinet Inc 148
- Editing addresses 148
- Deleting addresses 148
- 150 Fortinet Inc 150
- 152 Fortinet Inc 152
- Adding custom ICMP services 153
- Adding custom IP services 153
- Grouping services 153
- Creating one-time schedules 155
- Creating recurring schedules 155
- 156 Fortinet Inc 156
- Adding schedules to policies 156
- Virtual IPs 157
- 158 Fortinet Inc 158
- Adding static NAT virtual IPs 158
- 160 Fortinet Inc 160
- IP pools 161
- 162 Fortinet Inc 162
- Adding an IP pool 162
- IP pools and dynamic NAT 162
- IP/MAC binding 163
- 164 Fortinet Inc 164
- Adding IP/MAC addresses 165
- Enabling IP/MAC binding 165
- Default content profiles 167
- Adding content profiles 167
- 168 Fortinet Inc 168
- 170 Fortinet Inc 170
- Users and authentication 171
- 172 Fortinet Inc 172
- Configuring RADIUS support 174
- Configuring LDAP support 175
- 176 Fortinet Inc 176
- Deleting LDAP servers 176
- Configuring user groups 177
- 178 Fortinet Inc 178
- Deleting user groups 178
- IPSec VPN 179
- Key management 180
- Manual key IPSec VPNs 181
- AutoIKE IPSec VPNs 182
- IPSec VPN AutoIKE IPSec VPNs 183
- 184 Fortinet Inc 184
- Configuring advanced options 185
- 186 Fortinet Inc 186
- 188 Fortinet Inc 188
- Managing digital certificates 190
- 6 Configure the key 191
- 192 Fortinet Inc 192
- Obtaining CA certificates 192
- Configuring encrypt policies 193
- 194 Fortinet Inc 194
- Adding a source address 194
- Adding a destination address 194
- Adding an encrypt policy 195
- IPSec VPN concentrators 196
- 198 Fortinet Inc 198
- Adding a VPN concentrator 198
- 200 Fortinet Inc 200
- Viewing VPN tunnel status 201
- 202 Fortinet Inc 202
- Testing a VPN 202
- PPTP and L2TP VPN 203
- 204 Fortinet Inc 204
- 206 Fortinet Inc 206
- 208 Fortinet Inc 208
- Configuring L2TP 209
- 210 Fortinet Inc 210
- 212 Fortinet Inc 212
- 214 Fortinet Inc 214
- Detecting attacks 215
- 216 Fortinet Inc 216
- Viewing the signature list 217
- Viewing attack descriptions 217
- 218 Fortinet Inc 218
- Preventing attacks 220
- Logging attacks 222
- Manual message reduction 223
- 224 Fortinet Inc 224
- Antivirus protection 225
- Antivirus scanning 226
- File blocking 227
- 228 Fortinet Inc 228
- Viewing the virus list 229
- 230 Fortinet Inc 230
- Web filtering 231
- Content blocking 232
- Clearing the Banned Word list 233
- 234 Fortinet Inc 234
- URL blocking 235
- 236 Fortinet Inc 236
- Uploading a URL block list 236
- 238 Fortinet Inc 238
- Adding a Cerberian user 238
- Script filtering 240
- Exempt URL list 241
- 242 Fortinet Inc 242
- Uploading a URL Exempt List 242
- 244 Fortinet Inc 244
- Email filter 245
- Email banned word list 246
- Email block list 248
- Email exempt list 249
- Adding a subject tag 250
- Logging and reporting 251
- 252 Fortinet Inc 252
- Filtering log messages 253
- Configuring traffic logging 254
- Enabling traffic logging 255
- 256 Fortinet Inc 256
- Adding traffic filter entries 256
- Configuring alert email 257
- 258 Fortinet Inc 258
- Testing alert email 258
- Enabling alert email 258
- Glossary 259
- 260 Fortinet Inc 260
- Glossary 261
- 262 Fortinet Inc 262
- 264 Fortinet Inc 264
- 266 Fortinet Inc 266
- 268 Fortinet Inc 268
- 270 Fortinet Inc 270
- 272 Fortinet Inc 272
Related products and manuals for Hardware Fortinet FortiGate 50A
Hardware Fortinet FortiGate 620B User Manual
(62 pages)
(62 pages)
Hardware Fortinet FortiGate 100 User Manual
(272 pages)
(272 pages)
Hardware Fortinet FortiGate 5020 User Manual
(14 pages)
(14 pages)
Hardware Fortinet FortiLog-400 User Manual
(124 pages)
(124 pages)
© 2020, manymanuals.com. All rights reserved. | 1.391 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals