Help
Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kabrutus
New Contributor

Created on ‎07-01-2015 10:59 AM

Getting private range on Wan dont want to double nat

I have a sonic wall as the router.  (Not mine), it is giving me a natted 192.168.101.x ip address on my wan interface.  On my Fortigate 100D i want to have a dhcp range of 172.16.0.0/22 for my lan interface.  I do not want to double nat, is there a way to use the natting coming from the sonicwall and disable nat on the fortigate?

3032
0 Kudos
3 REPLIES 3
Sandeep_FTNT
Staff
Staff

Created on ‎07-01-2015 11:30 AM

On fortigate you simply create a firewall policy from LAN to WAN without NAT enabled in it , which is essentially route mode . On sonicwall create a static route for 172.16.0.0/22 subnet with gateway as IP address WAN interface of fortigate . 

986
0 Kudos
kabrutus
New Contributor

Created on ‎07-01-2015 12:39 PM

So i would have to add 192.168.101.25(fortigate WAN IP) on the sonic walls static route?

986
0 Kudos
Sandeep_FTNT
Staff
Staff
In response to kabrutus

Created on ‎07-01-2015 12:51 PM

Static route on sonicwall should be like below

Destination: 172.16.0.0/22

Gateway - 192.168.101.25

986
0 Kudos
Top Kudoed Authors
View all

Contact Us