Created on 10-30-2006 12:00 AM Edited on 01-30-2024 02:50 AM By Jean-Philippe_P
Article
Description |
When setting up a Virtual IP on the FortiGate for a mail server, there can be issues with mail being sent outbound through the firewall when NAT is configured. If you have a port translation on your external mail server IP address rather than full port translation, the mail coming back out will have the NAT translation of the firewall rather than the desired Virtual IP. |
||||||||||||||
Scope |
|
||||||||||||||
Solution |
To enable proper address translation using the virtual IP, use an IP Pool. First, create an address entry for the email server. To create an address
Next, create an IP Pool with the email server address. To create an IP Pool
Create a firewall policy for this NAT translation. To create a firewall policy
Ensure that the new rule is listed BEFORE the Internal to External Allow Any Rule for normal traffic to ensure that the FortiGate unit translates the email traffic before the normal Internet traffic. See also the related article "How do I configure a Virtual IP?" |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.