FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
calink
Staff
Staff
Article Id 400243
Description This article explains why a policy with NAT enabled does not keep NAT setting after policy is set to DENY temporarily.
Scope FortiGate.
Solution

Here is a normal policy with NAT enabled.

 

with NAT enabled.png

 

The same policy is now set to DENY:

 

set to Deny.png

 

The same policy set back to ACCEPT:

 

With NAT disabled.png

 

NAT is disabled by default after setting the policy back to ACCEPT. After setting the policy back to ACCEPT, re-enable NAT to ensure the same functionality as before. Antivirus, web filtering, and certificate inspection also may need to be enabled and logging may need to be turned on.

Contributors