I have a FortiGate 80c and I'm at a loss on how to port forward to get my OpenVPN service accessible externally.
I did set up the Virtual IP, assigning TCP 1194 on the internal IP to the external one.
I did a firewall policy about this: ACCEPT any from WAN_external to any protocol openvpn (tcp+udp 1194) when source:all and dest:VIP_OPENVPN
What could I be doing wrong? Note that the setup works on the LAN.
Thank you.
You say that you have assigned TCP 1194 on the internal IP to the external one, but then you assign an additional UDP 1194 in your Policy. This UDP port should also be handled by the External interface.
I don't have an 80C but a 3140B; it should be the same. Here is how I would set things up (assuming that your OpenVPN port and protocol are correct).
For the sample, let's say that:
200.200.200.200 is the public IP (WAN_External)
192.168.0.10 is the private IP of the OpenVPN Server (LAN_Internal)

First you should create two "Virtual IP" with Port Forwarding, like this:
Second, create the Policy :
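
An added example, not part of the answer above and not Fortinet tooling: a small Python check that parses `config firewall vip` entries and lists the protocol/port pairs a policy's service accepts but no port-forwarding VIP maps, which is the TCP-only mismatch discussed in this thread. The config text is constructed from the thread's sample values; the interface name `wan1` and the VIP name `VIP_OPENVPN_UDP` are assumptions.

```python
# Constructed sample: the asker's setup as FortiOS CLI, one TCP-only VIP.
# Interface name "wan1" is an assumption; the IPs are the answer's sample values.
ASKER_VIPS = '''
config firewall vip
    edit "VIP_OPENVPN"
        set extip 200.200.200.200
        set extintf "wan1"
        set portforward enable
        set mappedip "192.168.0.10"
        set protocol tcp
        set extport 1194
        set mappedport 1194
    next
end
'''
# The answer's fix: a second VIP for the same port over UDP (VIP name is hypothetical).
FIXED_VIPS = ASKER_VIPS + ASKER_VIPS.replace(
    "VIP_OPENVPN", "VIP_OPENVPN_UDP").replace("protocol tcp", "protocol udp")
# Service from the asker's policy: openvpn (tcp+udp 1194).
POLICY_SERVICE = [("tcp", 1194), ("udp", 1194)]

def parse_vips(text):
    """Collect the 'set' lines of each 'edit ... next' entry into a dict."""
    vips, cur = {}, None
    for tok in (line.split() for line in text.splitlines()):
        if not tok:
            continue
        if tok[0] == "edit":
            # A port-forward VIP with no explicit protocol defaults to tcp.
            cur = vips.setdefault(tok[1].strip('"'), {"protocol": "tcp"})
        elif tok[0] == "next":
            cur = None
        elif tok[0] == "set" and cur is not None and len(tok) >= 3:
            cur[tok[1]] = " ".join(tok[2:]).strip('"')
    return vips

def forwarded(vips):
    """(protocol, external port) pairs that some port-forwarding VIP maps."""
    pairs = set()
    for v in vips.values():
        if v.get("portforward") == "enable" and "extport" in v:
            lo, _, hi = v["extport"].partition("-")  # extport may be a range
            pairs.update((v["protocol"], p) for p in range(int(lo), int(hi or lo) + 1))
    return pairs

def unforwarded(service, vips):
    """Pairs the policy accepts that no VIP translates to the internal host."""
    return sorted(set(service) - forwarded(vips))

if __name__ == "__main__":
    print("asker:", unforwarded(POLICY_SERVICE, parse_vips(ASKER_VIPS)))
    print("fixed:", unforwarded(POLICY_SERVICE, parse_vips(FIXED_VIPS)))
```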