Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kabrutus
New Contributor

Getting private range on Wan dont want to double nat

I have a sonic wall as the router.  (Not mine), it is giving me a natted 192.168.101.x ip address on my wan interface.  On my Fortigate 100D i want to have a dhcp range of 172.16.0.0/22 for my lan interface.  I do not want to double nat, is there a way to use the natting coming from the sonicwall and disable nat on the fortigate?

3 REPLIES 3
Sandeep_FTNT
Staff
Staff

On fortigate you simply create a firewall policy from LAN to WAN without NAT enabled in it , which is essentially route mode . On sonicwall create a static route for 172.16.0.0/22 subnet with gateway as IP address WAN interface of fortigate . 

kabrutus
New Contributor

So i would have to add 192.168.101.25(fortigate WAN IP) on the sonic walls static route?

Sandeep_FTNT

Static route on sonicwall should be like below

Destination: 172.16.0.0/22

Gateway - 192.168.101.25