FortiGate - Multiple VIP with same port forward and IP
I have an on-premise Microsoft Exchange email server on my LAN behind a FortiGate 51E and I also have a SonicWall Virtual Email Security Appliance on the LAN.
Currently there are 2 VIPs that are port forwarding port 25 and 587 to my SonicWall Virtual Email Security Appliance. There is also an IPv4 Policy allowing this traffic from any source address.
I want to create 2 more VIPs that would port forward port 25 and 587 to my Microsoft Exchange email server, using the same public facing WAN IP address as my other 2 VIPs that are going to the SonicWall Virtual Email Security Appliance. However, I have an IPv4 Policy that is looking for specific source IP addresses that would allow the traffic to the 2 new VIPs that I want to create.
Essentially, I want specific traffic coming in on port 25 and 587 to go to my Microsoft Exchange email server, and all other traffic coming in on port 25 and 587 to go to my SonicWall Virtual Email Security Appliance. These would both be using the same WAN IP address.
Is there a way I can do this? From what I have researched it is not possible unless I use a separate WAN IP address, but since there's an IPv4 Policy in place, wouldn't the FortiGate know which VIP to use? When I try to create the new VIPs I get the error "A duplicate entry already exists."