Chrissee
New Member
January 31, 2025
Question

FortiGate 40F WAN config issue


Hi together,

 

I have the following problem. I have a FortiGate 40F and a LAN configured (192.168.1.0/24) and I have connected the WAN port to another network (10.148.238.0/25).

I have created 2 firewall rules, only for testing. Later I will only open needed ports.

 

| Name | Source | Destination | Schedule | Service | Action | NAT |
|---|---|---|---|---|---|---|
| LAN -> WAN | all | all | always | ALL | ACCEPT | Enabled |
| WAN -> LAN | all | all | always | ALL | ACCEPT | Enabled |


I can reach a computer from the LAN via RDP in the WAN but not vice versa. With port forwarding I only have the option of specifying the IP of the FortiGate WAN port. How do I manage to specify a LAN address? Have I overlooked something?

Thank you very much for your tips and help.

 


Regards,

Christian

2 replies

Toshi_Esumi
SuperUser
January 31, 2025

Why do you think you need to enable NAT for both policies? It's just private subnets on both ends without going out to the internet. They can reach each other without NAT.

 

Toshi

Chrissee (Author)
New Member
January 31, 2025

Hi Toshi,

 

Thanks for your answer. In the WAN network I have a proxy with internet access.

 

Regards,

Christian

Toshi_Esumi
SuperUser
January 31, 2025

Then you need separate policies for traffic from/to the /25 and for the internet. Then set NAT only for traffic toward the internet. The /25 access doesn't need NAT.

Toshi
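
The policy split suggested in this thread could look like the following FortiOS CLI sketch. It is an added illustration, not configuration posted by either participant. The interface names `lan` and `wan`, the address object names, and the restriction of the inbound policy to the predefined `RDP` service are assumptions, and lines starting with `#` are annotations.

```fortios
# Added illustration, not from the thread. Assumed names: interfaces "lan"/"wan",
# address objects "LAN_net"/"WAN_net25". "edit 0" creates a new entry at the end.
config firewall address
    edit "LAN_net"
        set subnet 192.168.1.0 255.255.255.0
    next
    edit "WAN_net25"
        set subnet 10.148.238.0 255.255.255.128
    next
end
config firewall policy
    # 1) LAN to the /25: routed, no NAT. Must sit above the internet policy.
    edit 0
        set name "LAN-to-WAN25"
        set srcintf "lan"
        set dstintf "wan"
        set srcaddr "LAN_net"
        set dstaddr "WAN_net25"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat disable
    next
    # 2) LAN to everything else (internet): source NAT enabled.
    edit 0
        set name "LAN-to-Internet"
        set srcintf "lan"
        set dstintf "wan"
        set srcaddr "LAN_net"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat enable
    next
    # 3) /25 to LAN: no NAT, only the needed service instead of ALL.
    edit 0
        set name "WAN25-to-LAN-RDP"
        set srcintf "wan"
        set dstintf "lan"
        set srcaddr "WAN_net25"
        set dstaddr "LAN_net"
        set action accept
        set schedule "always"
        set service "RDP"
        set nat disable
    next
end
```

Hosts in the /25 need a route to 192.168.1.0/24 via the FortiGate's WAN address for the un-NATed flows to work. The two all/all test policies have to be removed or moved below these, because policies are matched top-down and the first match wins.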