live89
Explorer III
June 30, 2020
Question

ip pool NAT

Hi, is there a way to exclude one IP address from a NAT IP pool? Today I'm splitting the IP pool into two pools and then attaching them to the policy... this is frustrating, because sometimes I need to exclude more than one IP. It would be nice to have this feature.

    1 reply

    ede_pfau
    SuperUser
    June 30, 2020

    Is this a question or a feature request? IMHO you're doing it already the way it's got to be.

    The next feature request would be to be also able to negate the IP range...

    live89 (Author)
    Explorer III
    July 1, 2020

    Hi @ede_pfau

    Thanks for the response.

    The way I'm doing it today is frustrating, because sometimes I need to exclude more than one IP, and for that I'm splitting the IP pool into more than two IP pools.

    Also, I'm not really sure how the FortiGate behaves when splitting an IP pool into more than one; I mean how it behaves with load balancing the source IP addresses with NAT overload.

    Is it using both IP pools equally? Is it using the multiple IP pools from top to bottom in the fw policies?

    ede_pfau
    SuperUser
    July 1, 2020

    AFAIR pools are used until exhausted, that is, first pool, then next.
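
Added example (not part of the thread and not Fortinet code): a small Python helper that automates the pool splitting described above by computing the contiguous sub-ranges left after excluding any number of addresses, then printing one `config firewall ippool` entry per sub-range. The pool name `snat-pool` and the 203.0.113.0/24 documentation addresses are constructed placeholders; each generated pool still has to be attached to the policy by hand.

```python
import ipaddress


def split_pool(start, end, excluded):
    """Return the (start, end) sub-ranges of [start, end] that skip `excluded`."""
    lo = int(ipaddress.IPv4Address(start))
    hi = int(ipaddress.IPv4Address(end))
    if lo > hi:
        raise ValueError("start address is above end address")
    # Ignore exclusions outside the pool; the set removes duplicates.
    holes = sorted({v for v in (int(ipaddress.IPv4Address(x)) for x in excluded)
                    if lo <= v <= hi})
    ranges, cursor = [], lo
    for hole in holes:
        if hole > cursor:              # addresses remain before this hole
            ranges.append((cursor, hole - 1))
        cursor = hole + 1              # resume just after the excluded address
    if cursor <= hi:                   # tail after the last hole
        ranges.append((cursor, hi))
    return [(str(ipaddress.IPv4Address(a)), str(ipaddress.IPv4Address(b)))
            for a, b in ranges]


def render_fortios(name, ranges):
    """Render one overload-type ippool entry per sub-range (names are hypothetical)."""
    lines = ["config firewall ippool"]
    for i, (a, b) in enumerate(ranges, 1):
        lines += [
            f'    edit "{name}-{i}"',
            "        set type overload",
            f"        set startip {a}",
            f"        set endip {b}",
            "    next",
        ]
    lines.append("end")
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed sample: exclude two adjacent addresses and the last one.
    pools = split_pool("203.0.113.10", "203.0.113.20",
                       ["203.0.113.12", "203.0.113.13", "203.0.113.20"])
    print(render_fortios("snat-pool", pools))
```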