Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ABUELKHAIR
New Contributor III

What does enabling/disabling the NAT option in a Policy exactly do?

What does enabling/disabling the NAT option in a Policy exactly do?

2 Solutions
rwpatterson
Valued Contributor III

Basically it changes the source address that the traffic comes from. When traversing the Internet, you need to use this so the traffic appears to come from the public IP address as opposed to the inside address. You could also choose another address if you define it in the IP Pool section. With NAT turned off, the native address is used for the originating traffic to the end point.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

View solution in original post

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
emnoc
Esteemed Contributor III

Enable slource or destination nat depending on if you nave nat pool and|or a vip in the name firewall policy or just plain egress nat if your doing snat. Alternative a centralize nat table can be used similar to other fw vendors like checkpoint, forcepoint, ciscoASA, juniperSRX, etc........

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

View solution in original post

PCNSE NSE StrongSwan
2 REPLIES 2
rwpatterson
Valued Contributor III

Basically it changes the source address that the traffic comes from. When traversing the Internet, you need to use this so the traffic appears to come from the public IP address as opposed to the inside address. You could also choose another address if you define it in the IP Pool section. With NAT turned off, the native address is used for the originating traffic to the end point.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
emnoc
Esteemed Contributor III

Enable slource or destination nat depending on if you nave nat pool and|or a vip in the name firewall policy or just plain egress nat if your doing snat. Alternative a centralize nat table can be used similar to other fw vendors like checkpoint, forcepoint, ciscoASA, juniperSRX, etc........

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Labels
Top Kudoed Authors