This article describes how to use IP pools and how to choose the IP pool type that fits the network need.
Dynamic SNAT maps the private IP addresses to the first available public address from a pool of addresses.
In the FortiGate firewall, this can be done by using IP pools.
IP pools are a mechanism that allows sessions leaving the FortiGate to use NAT.
An IP pool defines a single IP address or a range of IP addresses to be used as the source address for the duration of the session.
These assigned addresses are used instead of the IP address assigned to that FortiGate interface.
IP pool types.
FortiGate uses four types of IPv4 IP pools.
This recipe focuses on some of the differences between them.
The overload type of IP pool is similar to static SNAT mode.
An external IP range that contains one or more IP addresses must be defined.
When there is only one IP address, it is almost the same as static SNAT, where the outgoing interface address is used.
When it contains multiple IP addresses, it is equivalent to an extended mode of static SNAT.
For instance, if an overload type IP pool is defined with two external IP addresses (172.16.200.1-172.16.200.2), then since there are 60,416 available port numbers per IP, this IP pool can handle 60,416*2 internal IP addresses.
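The overload pool from the example above and a firewall policy that uses it for source NAT, shown as an added FortiOS CLI example that is not part of the original article. The pool name, policy name and interface names (port1, port2) are assumptions; the address range is the one given in the text.

```fortios
# Overload IP pool covering the two external addresses from the text.
# The name "overload-pool-example" is an assumption.
config firewall ippool
    edit "overload-pool-example"
        set type overload
        set startip 172.16.200.1
        set endip 172.16.200.2
    next
end

# Outbound policy that source-NATs to the pool instead of the
# outgoing interface address. Interface names are assumptions.
config firewall policy
    edit 0
        set name "lan-to-wan-snat"
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat enable
        set ippool enable
        set poolname "overload-pool-example"
    next
end
```

With `set ippool enable`, sessions matching the policy leave with a source address from the pool; leaving it disabled while `set nat enable` is set falls back to the outgoing interface address.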
When multiple dynamic IP pools are configured, FortiGate picks the IP pool randomly. It does not follow any sequential order.