Fortigate firewall policy route problem

By ben_che

I have a Fortigate firewall configured with a Virtual IP and one Internet link (WAN1); this configuration works fine. But today I added one more Internet link and would like to set up a policy route to let the VIP use the new Internet link to access the Internet. The old Internet link is dedicated to publishing my servers. The policy route setting is: Source IP: 192.168.0.0/16, Dest. IP: 0.0.0.0/0.0.0.0, force traffic to 199.111.0.9 (WAN2)

Although the policy route works fine and my published servers can be accessed from the Internet properly, my internal users cannot access my published servers with their Internet IP.
For example: the Virtual IP has external IP 199.100.0.11 (WAN1), and it is mapped to the internal IP 192.168.0.1. Users on the Internet can access the published service through 199.100.0.11, but my internal users cannot access the same service through 199.100.0.10; they can only access the service through 192.168.0.1.

For some reasons, we cannot have our own DNS server. So my internal users must point to an external DNS server and access my published servers through a URL rather than an IP address.

I am sure that all the firewall policies and the routing table are correct, because when I remove the policy route, my internal users can access the servers through the URL. But I must have the policy route, since I need to assign a dedicated link for the users to use the new Internet link (WAN2) for web browsing.

Would you please help by providing a suggestion? Thank you!
