Fortigate Static NAT Configuration

Fortigate Static NAT Configuration

Following is an example of Fortigate static NAT configuration, to statically translate the internal IP address 10.1.1.10 to 200.1.1.10

config firewall vip
    edit "NAT_200.1.1.10"
        set extip 200.1.1.10
        set extintf "port1"
        set mappedip 10.1.1.10
    next
end

Following the VIP configuration, be sure to configure the policies to allow flow of traffic. 
The policy that allows traffic coming from outside (Internet) should reference the VIP IP. 
The policy that allows traffic from inside (Trusted or DMZ zone) should reference the original IP.

One Comment

Add a Comment

Your email address will not be published. Required fields are marked *