Re: Make internal Web Server accessible to outside using WAN with NAT (private IP)
Re your original post - setting up DDNS requires you register with a DDNS provider and possiblably setting up DNS records too. I like using fortinet's own ddns service as it seems to be automatic (when using a fgt device). eg.
config system ddns
set ddns-server FortiGuardDDNS
set ddns-domain "server-hostname.fortiddns.com"
set monitor-interface "wan1"
Things to keep in mind is it takes time for DNS records to propagate, so I suggest using an online ping service to test the FQDN resolves to your current IP.
And if your web server is going to be behind your fgt device you will need to change the default port access to your fgt device (e.g. port 80 and/or port 443) then set up port forwards on the WAN interface -> internal static IP:80 (or internal static IP:443) if you want to use standard HTTP/HTTPS web port access.
Admin Port access is done via
Personally, if you are going to expose an internal web server in such a manner, I advise putting the web server in a DMZ zone and think hard about what other security or UTM measures to put in place.
NSE4/FMG-VM64/FortiAnalyzer-VM/5.2/5.4 (FWF40C/FW92D/FGT200B/FGT200D/FGT101E)/ FAP220B/221C