Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vinodhini
Staff
Staff

Created on ‎12-12-2019 02:24 AM

Article Id 195130

Techical Tip: How to change port mapping types in VIP

Description
This article describes how to change port mapping types in VIP.

Solution
When port forwarding in VIP configuration is enabled, get 1-to1 port mapping method is possible.
This will allow to map one 'External service port' to one 'Map to port'.




To configure many to many port mapping, use the following command in CLI:
# config firewall vip
    edit "m-to-n-mapping"
        set id 0
        set uuid fc1c2f3e-1ca3-51ea-e859-32dc40031db9
        set comment ''
        set type static-nat
        set extip 1.1.1.1
        set extintf "any"
        set arp-reply enable
        set nat-source-vip disable
        set portforward enable
        set gratuitous-arp-interval 0
        set ssl-client-rekey-count 0
        set color 0
        set mappedip "2.2.2.2"
        set protocol tcp
        set extport 60000-65000    
        set mappedport 60000-65000
        set portmapping-type m-to-n                  <----- Port mapping type m-to-n (many to many).
    next
end

In GUI, configure the range as below:






Labels:
3562
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.