Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

system port-forwarding

FortiMail port forwarding allows remote computers, for example, computers on the Internet, to connect to a specific computer or service within a private local area network (LAN). Port Forwarding is useful when FortiMail is deployed as a gateway and you want external users to access an internal server via FortiMail.

For example, FortiMail port1 is connected to the Internet and its IP address 192.168.37.4, port 7000, is mapped to 10.10.10.42, port 8000, on a private network. Attempts to communicate with 192.168.37.4, port 7000, from the Internet are translated and sent to 10.10.10.42, port 8000, by the FortiMail unit. The computers on the Internet are unaware of this translation and see a single computer at 192.168.37.4, port 7000, rather than the 10.10.10.42 network behind the FortiMail unit.

Before you do the mapping, make sure both ports are open.

Syntax

config system port-forwarding

edit <route_int>

set destination <destination_ipv4mask>

set gateway <gateway_ipv4>

end

Variable

Description

Default

<number>

Enter the index number of the entry.

 

dst-host <calss_ip>

Enter the IP address of the host where the packets will be forwarded.

0.0.0.0

dst-port <port_number>

Enter the port number of the destination host.

0

host <class_ip>

Enter the IP address of the FortiMail interface where the packets are received.

0.0.0.0

port <port_number>

Enter the port number on the FortiMail interface where the packets are received.

0

protocol {tcp | udp | both}

Specify the protocol of the traffic.

tcp

system port-forwarding

FortiMail port forwarding allows remote computers, for example, computers on the Internet, to connect to a specific computer or service within a private local area network (LAN). Port Forwarding is useful when FortiMail is deployed as a gateway and you want external users to access an internal server via FortiMail.

For example, FortiMail port1 is connected to the Internet and its IP address 192.168.37.4, port 7000, is mapped to 10.10.10.42, port 8000, on a private network. Attempts to communicate with 192.168.37.4, port 7000, from the Internet are translated and sent to 10.10.10.42, port 8000, by the FortiMail unit. The computers on the Internet are unaware of this translation and see a single computer at 192.168.37.4, port 7000, rather than the 10.10.10.42 network behind the FortiMail unit.

Before you do the mapping, make sure both ports are open.

Syntax

config system port-forwarding

edit <route_int>

set destination <destination_ipv4mask>

set gateway <gateway_ipv4>

end

Variable

Description

Default

<number>

Enter the index number of the entry.

 

dst-host <calss_ip>

Enter the IP address of the host where the packets will be forwarded.

0.0.0.0

dst-port <port_number>

Enter the port number of the destination host.

0

host <class_ip>

Enter the IP address of the FortiMail interface where the packets are received.

0.0.0.0

port <port_number>

Enter the port number on the FortiMail interface where the packets are received.

0

protocol {tcp | udp | both}

Specify the protocol of the traffic.

tcp