Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
mle2802
Staff
Staff

Created on ‎10-11-2023 10:03 PM

Article Id 278555

Troubleshooting Tip: Cannot enable central SNAT

Description

This article describes the reason central SNAT is able to turn on GUI but the setting is not applied.
Scope FortiGate.
Solution

On GUI, it is possible to enable central SNAT under System -> Settings. However, even though the setting is enabled and saved the setting is not taking place without any error.

SNAT enable.PNG

 

After refreshing the page, the setting is disabled:

SNAT grey.PNG

 

Instead of using GUI, enable central SNAT on CLI and it will be possible to see the reason why the setting is not applied:

 

snat cli.PNG

 

Since VIP is in use for policy 10, it is not possible to enable central SNAT. After removing VIP from the policy, it will be possible to enable central SNAT either via GUI or CLI.

policy10.PNG

 

remove vip.PNG

 

snat enabled.PNG
1604
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.