216
01-28006-0092-20041105
Fortinet Inc.
Virtual IP
Firewall
To edit a recurring schedule
1
Go to
Firewall > Schedule > Recurring
.
2
Select the Edit icon beside the recurring schedule you want to modify.
3
Modify the schedule as required.
4
Select OK.
Virtual IP
Use virtual IPs to access IP addresses on a destination network that are hidden from
the source network by NAT security policies. To allow connections between these
networks, you must create a mapping between an address on the source network and
the real address on the destination network. This mapping is called a virtual IP.
For example, if the computer hosting your web server is located on the network
connected to port3, it could have a private IP address such as 10.10.10.3. If port2
connects to the Internet, to get packets from the Internet to the web server, you must
have an external address for the web server on the Internet. You must then add a
virtual IP to the firewall that maps the external IP address of the web server to the
actual address of the web server on the port3 network. To allow connections from the
Internet to the web server, you must then add a port2
->
port3 firewall policy and set
Destination to the virtual IP.
You can create three types of virtual IPs:
This section describes:
•
Virtual IP list
•
Virtual IP options
•
Configuring virtual IPs
Note:
To change the one-time schedule name you must delete the schedule and add it with a
new name.
Static NAT
Used to translate an address on a source network to a hidden address on a
destination network. Static NAT translates the source address of return
packets to the address on the source network.
Port Forwarding
Used to translate an address and a port number on a source network to a
hidden address and, optionally, a different port number on a destination
network. Using port forwarding you can also route packets with a specific
port number and a destination address that matches the IP address of the
interface that receives the packets. This technique is called port forwarding
or port address translation (PAT). You can also use port forwarding to
change the destination port of the forwarded packets.
Dynamic port
forwarding
Similar to port forwarding, dynamic port forwarding is used to translate any
address and a specific port number on a source network to a hidden
address and, optionally a different port number on a destination network.
Note:
The maximum number of virtual IPs is 1024.
Содержание FortiGate FortiGate-300A
Страница 46: ...46 01 28006 0092 20041105 Fortinet Inc Changing the FortiGate firmware System status ...
Страница 72: ...72 01 28006 0092 20041105 Fortinet Inc FortiGate IPv6 support System network ...
Страница 80: ...80 01 28006 0092 20041105 Fortinet Inc Dynamic IP System DHCP ...
Страница 110: ...110 01 28006 0092 20041105 Fortinet Inc FortiManager System config ...
Страница 116: ...116 01 28006 0092 20041105 Fortinet Inc Access profiles System administration ...
Страница 246: ...246 01 28006 0092 20041105 Fortinet Inc CLI configuration Users and authentication ...
Страница 322: ...322 01 28006 0092 20041105 Fortinet Inc CLI configuration Antivirus ...
Страница 370: ...370 01 28006 0092 20041105 Fortinet Inc CLI configuration Log Report ...
Страница 384: ...384 01 28006 0092 20041105 Fortinet Inc Glossary ...
Страница 392: ...392 01 28006 0092 20041105 Fortinet Inc Index ...