TechTalkSecurity

 Hairpin NAT (VIP) on Fortigate Firewall   Network Diagram: Scenario1: When both source and the destination is behind the same interface    Configuration:  config firewall vip     edit "HAIR-PIN-NAT"         set uuid 6f5f2122-c0c1-51ec-fe10-0057fadb8b73         set extip 14.140.40.108         set mappedip "192.168.0.100"         set extintf "any"         set portforward enable         set extport 12345         set mappedport 22     next end config firewall policy     edit 1         set name "SSH-PORT2-PORT1"         set uuid f4190a90-c0c1-51ec-38b3-61356f8da7f3         set srcintf "port2"         set dstintf "port1"         set action accept         set srcaddr "all"         set dstaddr "HAIR-PIN-NAT"         set schedule "always"         set service "ALL"         set nat enable     next     edit 2         set name "NAT-INTERNAL_HAIR_PIN"         set uuid 22a25094-c0cf-51ec-547