Next Generation Firewall (NGFW)

Hello everybody,

Actually i need to comunicate two host on the same vlan conected to the same firewall interface but trought its public IPs

host 1: 192.168.0.1/24
host 2: 192.168.0.2/24
GW for both: 192.168.0.10


gateway/firewall interface: 192.168.0.10/24

public ip-host1:5.5.5.5
public ip-host2:6.6.6.6

i need that host1 comunicate with 6.6.6.6 and host2 comunicate to 5.5.5.5 and don't use its private IPs

how this can be possible, all connected to the same fortigate?

This seems rather unusual but you should be able to accomplish your goal with virtual IP's.

1. Ensure you have 5.5.5.5 and 6.6.6.6 bound to a WAN interface
2. Create a virtual IP for each public IP to private IP
3. Create firewall policy allowing traffic.  Make sure you select your virtual IP objects for the destination.

------------------------------
Ken
------------------------------

Original Message:
Sent: Jun 16, 2022 10:14 AM
From: Reinaldo Otero
Subject: comunicate two host on the same vlan, on the same firewall between INTERNET

Hello everybody,

Actually i need to comunicate two host on the same vlan conected to the same firewall interface but trought its public IPs

host 1: 192.168.0.1/24
host 2: 192.168.0.2/24
GW for both: 192.168.0.10


gateway/firewall interface: 192.168.0.10/24

public ip-host1:5.5.5.5
public ip-host2:6.6.6.6

i need that host1 comunicate with 6.6.6.6 and host2 comunicate to 5.5.5.5 and don't use its private IPs

how this can be possible, all connected to the same fortigate?

Hi Ken,

about 2 and 3 im ok but what do you mean with bound to a wan interface ?

Thanks,
Original Message:
Sent: Jun 17, 2022 08:47 AM
From: Ken Mickeletto
Subject: comunicate two host on the same vlan, on the same firewall between INTERNET

This seems rather unusual but you should be able to accomplish your goal with virtual IP's.

1. Ensure you have 5.5.5.5 and 6.6.6.6 bound to a WAN interface
2. Create a virtual IP for each public IP to private IP
3. Create firewall policy allowing traffic.  Make sure you select your virtual IP objects for the destination.

------------------------------
Ken

Original Message:
Sent: Jun 16, 2022 10:14 AM
From: Reinaldo Otero
Subject: comunicate two host on the same vlan, on the same firewall between INTERNET

Hello everybody,

Actually i need to comunicate two host on the same vlan conected to the same firewall interface but trought its public IPs

host 1: 192.168.0.1/24
host 2: 192.168.0.2/24
GW for both: 192.168.0.10


gateway/firewall interface: 192.168.0.10/24

public ip-host1:5.5.5.5
public ip-host2:6.6.6.6

i need that host1 comunicate with 6.6.6.6 and host2 comunicate to 5.5.5.5 and don't use its private IPs

how this can be possible, all connected to the same fortigate?