Configuring Port Forwarding in Fortigate Firewall

Posted: July 31, 2018 in fortigate

In this example we’ll configure port forwarding for a web site, so that a call to IP:8080 is redirected to port 80 and forwarded to a Windows Web Server behind the Fortigate Firewall.

 


I created a custom VPC and created an Internet Gateway (info on how to create a custom VPC can be found here).

Creating Fortigate “public” route

Create a route table for the Fortigate “public” network, route all traffic to the Internet Gateway, and associate the “public” subnet (192.168.10.0) with it.


Creating route for “private” network

Route all traffic from the “private” network (192.168.30.0) to the “internal” Fortigate interface.

 


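Disable the source/destination check on both Fortigate interfaces. With the check enabled, AWS drops packets whose source or destination is not the instance itself, which would block the traffic the Fortigate forwards.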


Click on the interface to locate the interface ID.


In AWS, go to Network Interfaces, select the interface, and from the Action menu select Change Source/Dest. Check.

 


Select Disabled

 


Now log in to the Fortigate and go to Policy & Objects > Virtual IPs > Create New > Virtual IP.


The mapped IP address is the address of the Windows Web Server.

 


Now create the incoming policy:

Incoming interface: External interface

Outgoing interface: Internal interface

Destination: Virtual IP
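
The Virtual IP and incoming policy from the steps above, written as FortiOS CLI. This is an added example, not taken from the original post: the object names, the interface names port1 (external) and port2 (internal), the values in angle brackets, and the choices to disable source NAT and log all sessions are assumptions.

```fortios
# Added example. Values in <angle brackets> are placeholders;
# object and interface names are assumed, not from the post.

config firewall vip
    edit "web-server-8080"
        # External interface and the address clients connect to on port 8080
        set extintf "port1"
        set extip <EXTERNAL_IP>
        # Windows Web Server in the "private" network (192.168.30.0)
        set mappedip "<WEB_SERVER_IP>"
        # Forward only TCP 8080 -> 80 rather than mapping every port
        set portforward enable
        set protocol tcp
        set extport 8080
        set mappedport 80
    next
end

config firewall policy
    # edit 0 creates the policy with the next free ID
    edit 0
        set name "inbound-web-8080"
        set srcintf "port1"
        set dstintf "port2"
        set srcaddr "all"
        set dstaddr "web-server-8080"
        # Destination NAT is applied before the policy lookup, so the
        # service matches the mapped port (80), not the external port
        set service "HTTP"
        set schedule "always"
        set action accept
        # Replies return through the Fortigate via the "private" route
        # table, so source NAT is not needed (assumption)
        set nat disable
        # Record every session that reaches the published server
        set logtraffic all
    next
end
```

Restricting `srcaddr` to known client ranges instead of "all" narrows who can reach the published server.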

 
