Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
jrosado_FTNT
Staff
Staff

Created on ‎11-04-2016 06:19 PM

Article Id 197935

Technical Note: DynDNS VIP

Description
If the WAN link uses a dynamic IP address and a FortiGuard DDNS FQDN has been configured, it may be used to reach internal services by the means of a VIP.
Solution

Make sure an FQDN has been configured for FortiGuard DDNS service.

 

config system ddns
    edit 1
        set ddns-server FortiGuardDDNS
        set ddns-domain "myfortigate.fortiddns.com"
        set monitor-interface "wan1"
    next
end

Configure a VIP leaving the external IP address all zeros. 

config firewall vip
    edit "PublicServer"
        set extip 0.0.0.0 0.0.0.0
        set extintf "wan1"
        set portforward enable
        set mappedip 192.168.1.250
        set extport 8010
        set mappedport 8010
    next
end

You should be able to reach the server on the FortiGuard DDNS FQDN and port you defined on the VIP.

 

            http://myfortigate.fortiddns.com:8010



2797
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.