Fortigate - Accessing a Virtual Server address from several interfaces
Posted
by
Jeremy G
on Server Fault
See other posts from Server Fault
or by Jeremy G
Published on 2012-06-23T05:09:43Z
Indexed on
2012/06/23
9:19 UTC
Read the original article
Hit count: 592
I am setting up a new application in its own DMZ on our Fortigate 300C firewalls. I have defined a load-balancing configuration for part of the application, and this works fine for traffic coming in from our internal network.
However, I would also like this application to be reachable from other DMZs, for inter-application traffic, and from the SSL VPN interface. I can't seem to define the required policy, and it seems this is due to Virtual Servers being bound to the client interface on the Fortigate rather than the server interface (and so my virtual IP is not accessible from any of these other interfaces)
Does anyone have an idea how I might go about this ? I guess I could create other virtual IPs for each interface, but this gets complicated to handle as clients need to change the address they use depending on how they are connecting.
Thanks, Jeremy G
© Server Fault or respective owner