Configuring port forwarding in non-HA mode
FortiGate configuration
Complete the following steps in the FortiGate UI.
- Go to Policy & Objects > Virtual IPs.
- Create two IPv4 virtual IPs with the following information:
IP-Mapping-443: <external_IP_address> > 10.160.12.207 (TCP: 12443 > 443)
IP-Mapping-8887: <external_IP_address> > 10.160.12.207 (TCP: 12887 > 8887)
- Go to Policy & Objects > IPv4 Policy > Create New.
- Create an IPv4 policy that includes the two virtual IPs that you created.
FortiIsolator configuration
Use the FortiIsolator CLI to configure port forwarding mappings. Use the fis-ipmap
command in the following format:
set fis-ipmap <external_port> <internal_port> <external_IP_address>
For example, set fis-ipmap 12443 12887 <external_IP_address
Client system configuration
Complete the following steps on the client system (for example, Windows 10).
- In Windows 10, launch CMD as administrator.
- Use the following commands to add the FortiGate IP address to the routing table on the client system:
- At the command prompt, type
route ADD <external_IP_address> Mask 255.255.255.255 <FortiGate_IP_address>
.For example,
route –p ADD <external_IP_address> MASK 255.255.255.255 10.160.17.89
. - To confirm the setup, type
route print
.
- At the command prompt, type
- To verify that it works in a browser, browse to https://<external_IP_address>:12443/isolator/https://www.google.com.