Tag Archives: Virtual IP

FortiGate Virtual IPs without Reference

2016-04-20Fortinet, NATfail, FortiGate, Fortinet, MIP, NAT, VIP, Virtual IPJohannes Weber

Migrating from Juniper ScreenOS firewalls to FortiGates, there are some differences to note with static NATs, i.e., Mapped IPs (MIPs) on a Netscreen and Virtual IPs (VIPs) on a FortiGate. While the Juniper MIPs on an interface are always used by the firewall whenever a packet traverses the interface, the virtual IP objects on a FortiGate must be used at least once in the security policy before they are really used by the firewall.

Continue reading FortiGate Virtual IPs without Reference →

FortiGate Virtual IPs with Interface “Any”

2016-04-20Fortinet, NATFortiGate, Fortinet, MIP, NAT, Policy Routing, VIP, Virtual IPJohannes Weber

On the FortiGate firewall, address objects and virtual IPs (VIPs) can be set up with an interface. For address objects this has no technical relevance – the address objects simply only appear on policies if the appropriate interface is selected. But for virtual IPs, this setting has relevance on how connections are NATed. This can be problematic.

Continue reading FortiGate Virtual IPs with Interface “Any” →

Weberblog.net

IT-Security, Networks, IPv6, VPN, DNSSEC, NTP

Tag Archives: Virtual IP

FortiGate Virtual IPs without Reference

FortiGate Virtual IPs with Interface “Any”