Forskel mellem versioner af "Fortinet"

Fra NørderiWiki
Skift til: Navigation, Søgning
(NAT / VIP - Port forward: links)
Linje 15: Linje 15:
  
 
http://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-firewall/Object%20Configuration/Addresses/Addresses.htm
 
http://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-firewall/Object%20Configuration/Addresses/Addresses.htm
 +
 +
= public ip =
 +
 +
config firewall dsntranslation
 +
    edit 1
 +
        set dst 217.pp.pp.pp
 +
        set netmask 255.255.255.255
 +
        set src 192.168.1.100
 +
        next
 +
    end
 +
 +
Hairpin
  
 
= VDOM =
 
= VDOM =

Versionen fra 20. dec 2017, 16:25

NAT / VIP - Port forward

Lav VIPs for hver port der skal åbnes/forwardes, fx:

public.y.xxx.zz --> 192.168.1.50 (TCP: 3390 --> 3389)

Hvis der er flere porte mod samme server, kan der laves en VIP group.

Herefter er det bare at lave en policy med VIP group som destination og ALL i Service.

Se https://docs.fortinet.com/uploaded/files/1652/using-port-forwarding-on-a-FortiGate-unit.pdf


http://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-firewall/Object%20Configuration/Virtual%20IPs/Configuring%20a%20VIP%20for%20IPv4.htm


http://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-firewall/Object%20Configuration/Addresses/Addresses.htm

public ip

config firewall dsntranslation 

   edit 1
       set dst 217.pp.pp.pp
       set netmask 255.255.255.255
       set src 192.168.1.100
       next
   end

Hairpin

VDOM

config system global
set vdom-admin enable
end
Hentet fra "https://wiki.kvig.dk/index.php?title=Fortinet&oldid=3767"