2.)FortiGate命令行配置: config firewall vip edit vip1 set type fqdn set exip 1.1.1.1(Gate内网IP) set extintf port1 set mapped-addr zone.secevery.com(FQDN名称) show en 然后在界面里配置端口80转发。 高级版本里可以直接在UI界面中配置,如下图所示: 3...
FortiGate # config firewall address FortiGate (address) # edit clientnet new entry 'clientnet' added FortiGate (clientnet) # set subnet 192.168.1.0 255.255.255.0 FortiGate (clientnet) # end 5.添加ip池 FortiGate (ippool) # edit nat-pool new entry 'nat-pool' added FortiGate (nat-pool) # ...
6.添加虚拟ip FortiGate # config firewall vip FortiGate (vip) # editwebserver new entry 'webserver' added FortiGate (webserver) # set extip 202.0.0.167 FortiGate (webserver) # set extintf wan1 FortiGate (webserver) # set mappedip 192.168.0.168 FortiGate (webserver) # end 7.配置上网策略 ...
4. 新建虚拟IP group,并关联虚拟IP config firewall vipgrp edit "Test" //创建组名 set uuid 31aa331c-637b-51ea-4b5f-35d239897836 //UUID 自动生成 set interface "any" //接口任意 set comments "Test_VIP_Group" //可选,描述 set member "3389" "69" //将之前创建的 3389和69加入到该组 ne...
b.创建策略,并调用VIP config firewall policy edit 1 set name "test" set uuid 4f007e72-6b8a-51eb-3e87-d1cfe35c0b71 set srcintf "port3" // 外部接口 set dstintf "port2" // 内部接口 set srcaddr "all" set dstaddr "56.56.56.52-5.5.5.1" set action accept set schedule "always" set ...
11、#160; FortiGate # config firewall vip FortiGate (vip) # edit webserver new entry 'webserver' added FortiGate (webserver) # set extip 202.0.0.167 12、0; FortiGate (webserver) # set extintf wan1 FortiGate (webserver) # set mappedip 192.168.0.168 FortiGate (webserver) # end 7、...
FortiGate # config firewall vip FortiGate (vip) # edit webserver new entry 'webserver' added FortiGate (webserver) # set extip 202.0.0.167 FortiGate (webserver) # set extintf wan1 FortiGate (webserver) # set mappedip 192.168.0.168 FortiGate (webserver) # end 7、配置上网策略 FortiGate #...
FortiGate # config firewall vip FortiGate (vip) # edit webserver new entry 'webserver' added FortiGate (webserver) # set extip 202.0.0.167 FortiGate (webserver) # set extintf wan1 FortiGate (webserver) # set mappedip 192.168.0.168
5、set extintf wan1fortigate (webserver) # set mappedip 192.168.0.168 fortigate (webserver) # end7、配置上网策略fortigate # config firewall policy fortigate (policy) # edit 1fortigate (1)#set srcintf internal /源接口fortigate (1)#set dstintf wan1/目的接口fortigate (1)#set srcaddr all/...
FortiGate # config firewall vip FortiGate (vip) # edit webserver new entry 'webserver' added FortiGate (webserver) # set extip 202.0.0.167 FortiGate (webserver) # set extintf wan1 FortiGate (webserver) # set mappedip 192.168.0.168 FortiGate (webserver) # end 7、配置上网策略 FortiGate #...