Skip to main content
effendisusanto
effendisusanto
New Member
October 5, 2015
Question

LAN/WAN NAT configuration with Fortigate 90D

  • October 5, 2015
  • 3 replies
  • 14379 views

Hi All,

 

I have a problem with my implementation with fortigate 90D in my office.

My ISP give me /29 public IP to be used for our server, to access the ISP network, they give me another network (uplink network). I also want to create NAT for our staff. Is it possible to use fortigate 90D to accomplish this network plan?

I think it's quite usual network diagram, I already done it using mikrotik, but I want to change the mikrotik with fortigate 90D.

Please give me your suggestion how to configure the fortigate 90D. ( I use interface mode )

 

 

    3 replies

    gschmitt
    gschmitt
    New Member
    October 5, 2015

    VDOM in Transparent mode

    effendisusanto
    effendisusantoAuthor
    New Member
    October 6, 2015

    Thank you for your answer  gschmitt, but I really don't get it at all, how to do VDOM in transparent, would you like to elaborate?

    gschmitt
    gschmitt
    New Member
    October 6, 2015

    Start with this: https://www.youtube.com/watch?v=31MfllV3IwE but set one of the VDOMs to Transparent

    Create a VDOM Link and treat the NAT VDOM as "just another device behind the Transparent VDOM"

    Here is how you deal with a Transparent FGT: https://www.youtube.com/watch?v=xF1uvfEIr3M

     

    I can do a bigger how to but I need to get to my test device first :>

    effendisusanto
    effendisusantoAuthor
    New Member
    October 6, 2015

    I still no in clear understanding how this approach will solve my problem, but you gave me a quite interesting key "VDOM", I have plenty thing to try using this "VDOM", thank you for your suggestion, I will try it first.

     

    effendisusanto
    effendisusantoAuthor
    New Member
    October 7, 2015

    I stick to your "VDOM" idea, it is great :D, I already change the FG to interface mode since it easier to manage (IMO). Currently I make 2 VDOM, first VDOM dedicated to my ip_public, and the second for my ip_private. But in consequence, I've to waste 1 public IP to be NAT-ed. But I think it's good enough :D, I will update my network scheme later

    Pradip
    Pradip
    New Member
    February 23, 2018

    Hi Team,

     

    Need help as fortigate configuration product 200 E .

    scenario diagram.

    5 vlan need to created we have got  Lan /29 public IP pool from ISP. so how to mangage this IP to 5 VLAN subnet with dhcp ip,dns etc.

    Terms & ConditionsAccessibility statement