Configuring the VIP to access the remote servers

VIPs, interface IP addresses, and policies are created on the cloud FortiGate-VM to allow access to the remote servers.

To configure additional private IPs on AWS for the FortiGate VIP:
  1. On the FortiGate EC2 instance, edit the Elastic Network Interface that corresponds to port2. In this example, Network Interface eth1.
  2. Go to Actions > Manage IP Addresses.
  3. Add two private IP address in the 10.0.2.0/24 subnet.

    These address will be used in the VIPs on the FortiGate. This ensures that traffic to these IP addresses is routed to the FortiGate by AWS.

  4. Click Yes, Update.
To configure VIPs on the cloud FortiGate-VM:
  1. Go to Policy & Objects > Virtual IPs and click Create New > Virtual IP.

  2. Configure the following:

    Name

    VIP-HTTP

    Interface

    port2

    External IP address/range

    10.0.2.20

    Map to IPv4 address/range