FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ihaidar
Staff
Staff
Article Id 364319
Description This article describes how to configure IP Pools on Policy-based NGFW mode.
Scope FortiGate.
Solution

Let's assume that three IP addresses are required to be source NATed for a particular public IP address each.

User 1: 192.168.9.129----Nated to---> 91.255.251.153/32.
User 2: 192.168.9.130----Nated to---> 91.255.251.154/32.
User 3: 192.168.9.131----Nated to---> 91.255.251.155/32.

 

In this article, the configuration related to User 1 will only be explained, for the other two users, it is required to apply the same configurations for the IP pool and Central NAT policies.

 

  1. Configure Three IP pools with the type 'One-to-One', in each pool, add the IP addresses that are needed to NAT to:

IPPool 1: 91.255.251.153-91.255.251.153.
IPPool 2: 91.255.251.154-91.255.251.154.
IPPool 3: 91.255.251.155-91.255.251.155.

 

Below is an example of IPPool 1:

 

IP POOL.png

 

  1. Configure Three Central NAT policies for each.

    Below is an example of how to configure it for the first user. In the second and third central NAT policies, it is required to change the source addresses and the IPPool.
                                                         

    Central NAT policy.png

     

     

  2. Configure the Security Policy from the Source interface to the destination interface as shown below:
                                                                                               

    Security Policy.png