Firewall Virtual IP Adding NAT firewall policies in transparent mode
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 469
http://docs.fortinet.com/ • Feedback
Figure 264: Example NAT in Transparent mode configuration
To add a source address translation NAT policy in Transparent mode
1 Enter the following command to add two management IPs.
The second management IP is the default gateway for the internal network.
config system settings
set manageip 10.1.1.99/24 192.168.1.99/24
end
2 Enter the following command to add an IP pool to the wan1 interface:
config firewall ippool
edit nat-out
set interface "wan1"
set startip 10.1.1.201
set endip 10.1.1.201
end
3 Enter the following command to add an internal to wan1 firewall policy with NAT
enabled that also includes an IP pool:
config firewall policy
edit 1
set srcintf "internal"
set dstintf "wan1"
set scraddr "all"
set dstaddr "all"
set action accept
set schedule "always"
set service "ANY"
set nat enable
set ippool enable
set poolname nat-out
end
DMZ network
10.1.1.0/24
10.1.1.0/24
Transparent mode
Management IPs:
10.1.1.99
192.168.1.99
Internal network
192.168.1.0/24
Internal
DMZ
WAN 1
Router
Internet
To Next Page
Loading...
