Description | This articles describes how to enable and configure central SNAT on FortiGate. |
Scope |
FortiGate. |
Solution |
Enable Central SNAT.
config sys settings set central-snat enable end
Sample Central SNAT configuration:
From the CLI:
config firewall central-snat-map edit 1 set uuid be665abc-69d5-51ec-ab33-ac04c07f7190 set srcintf "port4" set dstintf "port5" set orig-addr "all" set dst-addr "all" next end
From the GUI:
Navigate to Policy & Objects -> Central SNAT and select 'Create New'.
If the Firewall NGFW mode is policy-based and central NAT-enabled, it is necessary to configure SSL Inspection and authentication policies along with a security policy in order to enable the traffic.
show config firewall policy edit 2 set name "Test" set uuid 7134a43c-8ed2-51ee-3ddb-e26cd3f2459c set srcintf "port4" set dstintf "port5" set srcaddr "all" set dstaddr "all" set service "ALL" next end |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.