Configuring FortiGate firewall policies and virtual IP addresses
- Configure FortiGate A. In the FortiGate-VM console, go to Policy & Objects > IPv4 Policy and create two new policies, as shown in this example. Create one policy for outgoing traffic from the private subnet, through the public subnet, to the Internet. Create another policy for incoming traffic from the Internet, through the public subnet, to the private subnet.
- Select Virtual IPs and create a new virtual IP, as shown in the example. This is Static NAT configuration.
- Edit the second policy. In the Destination field, enter the Windows Server’s IP address. In this example, it is 10.0.1.6.
- Repeat the same configuration on FortiGate B to have a virtual IP address for RDP and IPv4 firewall policies for incoming and outgoing traffic.