Configuring Port Forwarding on a Fortigate Router Follow

!! Remember Router Configuration is Billable as Professional Services !!

Overview

Customers will occasionally need to have ports forwarded directly from the internet to a device on their LAN.  The most requested forwards include ports for Phone Systems, Security Systems, and Printers.  The customer should be aware that opening these ports may cause security vulnerabilities due to hacking.

Note:  Port Forwarding is also called Destination Network Address Translation (DNAT)

Process

In this example we will use the following IP and Port settings:

  • External IP Address:  172.20.120.14
  • Internal IP Address:  192.168.1.110
  • Port to Forward:       9100
  1. Log on to the FortiNet router
  2. On the left column, select Firewall Objects > Virtual IP > Virtual IP
  3. Click Create New
  4. Enter your IP and Port information:
  5. Click OK
  6. From the left hand column select Policy > Policy > Policy
  7. Enter the Policy information like the following:
  8. Click OK
  9. The forwarding has been setup, and you should be able to use the following command to test the port from outside of the LAN.
    • Telnet 172.20.120.14 9100
    • You should get a response from the target device

NOTE:  Telnet may need to be installed on your computer to complete this test.

Have more questions? Submit a request

Comments

Powered by Zendesk