Source NAT to the LAN IP address
Hi,
I have created an IPsec VPN with my client. The destination address is only available from the FortiGate local address 172.19.192.1 (also in the IPsec VPN tunnel configuration).
I need help with how I can configure a policy so that another LAN address, for example 172.19.192.100/32, is NATed to the gateway address 172.19.192.1/32.
Current policy:
edit 20
    set uuid dfa6f7ae-dc73-51e5-66ad-f9a3bae3a82a
    set srcintf "LAN"
    set dstintf "LAN" (172.19.192.1)
    set srcaddr "tdu" (172.19.192.100/32)
    set dstaddr "PBG_WIN" (IP address 192.168.200.50/32)
    set action accept
    set schedule "always"
    set service "ALL"
    set natip 172.19.192.1 255.255.255.255
    set nat enable
Below is the IP traffic from debug:
fg #
id=20085 trace_id=42 func=print_pkt_detail line=4471 msg="vd-root received a packet(proto=1, 172.19.192.100:17638->192.168.200.50:8) from LAN. code=8, type=0, id=17638, seq=621."
id=20085 trace_id=42 func=init_ip_session_common line=4622 msg="allocate a new session-00091d06"
id=20085 trace_id=42 func=vf_ip4_route_input line=1596 msg="find a route: flags=00000000 gw-192.168.200.50 via VPN_PBG"
id=20085 trace_id=42 func=fw_forward_handler line=550 msg="Denied by forward policy check (policy 0)"
Traffic from 172.19.192.100/32 is not NATed to the address 172.19.192.1.
From 172.19.192.1/32 I can ping address 192.168.200.50; from 172.19.192.100 I cannot do that, because the policy does not NAT this IP to the gateway address.
Please, I need help.
