Description
This article describes that a FortiGate unit can operate in one of two modes: Transparent or NAT/Route mode.
In Transparent mode, the FortiGate is installed between the internal network and the router. In this mode, FortiGate does not make any changes to IP addresses and only applies security scanning to traffic.
When a FortiGate is added to a network in Transparent mode, no network changes are required, except to provide the FortiGate with a management IP address. Transparent mode is used primarily when there is a need to increase network protection but changing the configuration of the network itself is impractical.
In NAT/Route mode, a FortiGate unit is installed as a gateway or router between two networks. This allows FortiGate to hide the IP addresses of the private network using network address translation (NAT).
Scope
FortiOS v5.2 & FortiOS v4.0.
Solution
FortiOS v5.2The Fortinet Document Library contains a comprehensive guide to using Transparent Mode for FortiOS v5.2.Updates to this document for more recent firmware levels will be published as part of the FortiOS Handbook in due course.FortiOS v4.0The attached document is available for FortiOS v4.0.