Adding policies with virtual ips, Policies with virtual ips – Fortinet FortiGate 4000 User Manual

Firewall configuration

Virtual IPs

FortiGate-4000 Installation and Configuration Guide

217

Figure 61: Adding a port forwarding virtual IP

Adding policies with virtual IPs

Use the following procedure to add a policy that uses a virtual IP to forward packets.

To add a policy with a virtual IP

1

Go to Firewall > Policy.

2

Select the type of policy that you want to add.
• The source interface must match the interface selected in the External Interface

list.

• The destination interface must match the interface connected to the network with

the Map to IP address.

3

Use the following information to configure the policy.

Source

Select the source address from which users can access the server.

Destination

Select the virtual IP.

Schedule

Select a schedule as required.

Service

Select the service that matches the Map to Service that you selected

for the port-forwarding virtual IP.

Action

Set action to ACCEPT to accept connections to the internal server.

You can also select DENY to deny access.

NAT

Select NAT if the firewall is protecting the private addresses on the

destination network from the source network.