IP transit ( how-to ) ?

Forum|Forum|4 years ago
August 18, 2021
2 replies
3723 views

Hi, Guys,

My network infrastructure like this:

1. SiteA has internet line (111.111.111.0/24) and a private line (subnet 192.168.1.0/24) connecting to SiteB ( subnet 10.10.10.0/24)

2. When internet user accesses one of my dedicated IP ( 111.111.111.10/24, which is NATed to an IP of Site B ( IP transit ? ), like 10.10.10.5/24)

Any idea to configure the Fortigate 400E in SiteA ?

Many thanks

Toshi_Esumi

SuperUser

Incoming direction is easy. Just configure VIP to map 111.111.111.10->10.10.10.5. I assume the route to get to the destination is already there at the 400E. But the returning direction is tricky unless all internet traffic from SiteB comes through SiteA. Because if the access sources outside are random, SiteB's router needs to have a default route coming back to SiteA. Otherwise, it would go out via SiteB's internet, which uses a different outside/public IP for its source address.

If the access sources are limited and their IPs are static, you can set static routes at the SiteB router toward SiteA.

BensonLEIAuthor

New Member

Thanks for your quick reply.

You are right, the route table has been configured.

The configuration is being used in juniper SRX ( Source NAT + destination NAT );

But in Fortigate (Source NAT (IP pool) + Destination NAT (VIP) ) is also working ?

Many thanks

BensonLEIAuthor

New Member

It is so called Double-NAT, thanks a lot, solved

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded