FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes how to configure NAT in Transparent Firewall Policy.
Scope
FortiProxy version 7.0.x.
Solution
Prior to FortiProxy version 7.0.x ,it was possible to configure NAT in Transparent Firewall Policy as follows:
# config firewall policy edit 1 set srcintf "w.root" set dstintf "port2" set srcaddr "all" set dstaddr "all" set action accept set schedule "always" set service "ANY" set nat enable <----- NAT enable.
From FortiProxy version 7.0.x onwards, it is necessary to configure the NAT in Transparent Firewall Policy with the following commands:
# config firewall policy edit 1 set srcintf "w.root" set dstintf "port2" set srcaddr "all" set dstaddr "all" set action accept set schedule "always" set service "ALL"
# config firewall central-snat-map
(central-snat-map) edit "1"
# config firewall central-snat-map edit 1 set srcintf "w.root" set dstintf "port2" set src-addr "all" set dst-addr "all"
