Can't access Virtual IP from LAN Segment

Author
kahardreams
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2016/10/25 19:58:28
  • Status: offline
2019/07/14 02:27:11 (permalink)
0

Can't access Virtual IP from LAN Segment

Hi everyone.. i'd like to ask some question... Here is the detail:

Lan IP :
Host 1 : 172.16.17.17
Host 2 : 172.16.17.18
Gateway : 172.16.17.253(Lan1)

Virtual IP port forward (wan1):
202.123.234.101 => 172.16.17.18

Internet gateway(wan2):
202.123.234.102

Policy:
Policy 1(enable) :
Src-int :Lan1
Dst-int:wan2
Src-addr:host1 & host2
Dst-addr:all
Srvc:all

Policy2(enable):
Src-int:wan1
Dst-int:lan1
Src-addr:all
Dst-addr:vip(202.123.234.101 => 172.16.17.18)

Condition:
1. host1 & host2 able to connect to internet except virtual ip
2. Public able to connect to virtual IP

Question:
How do i setup configuration to get host1&2 (Lan segment) to connect to virtual IP?? Because i have domain that points to the VIP(202.123.234.101).. so when i try to acces somedomain.com or 202.123.234.101 from Lan segment (host1&host2) , it can't connect.

It's on FortiOS 6.x

Did i miss some config here?

Thank you very much everyone..
#1

1 Reply Related Threads

    hubertzw
    Gold Member
    • Total Posts : 192
    • Scores: 5
    • Reward points: 0
    • Joined: 2018/04/16 13:29:04
    • Status: offline
    Re: Can't access Virtual IP from LAN Segment 2019/07/15 04:26:43 (permalink)
    #2
    Jump to:
    © 2019 APG vNext Commercial Version 5.5