We have an AT&T ADI Circuit from AT&T.
Example of what we have been given from AT&T (this is not our actual IP info, just an example).
CR Serial IP Address: 12.246.190.66/30
AR Serial IP Address: 12.246.190.65/30
Wan IP Address: 12.246.190.64/30
IPV4 Block: 13.220.245.96/29
Usable IP Range: 13.220.245.98 - 13.220.245.102
We have given our WAN1 interface the 12.246.190.66 IP.
We have a static route that points traffic to 12.246.190.65.
I can ping the 12.246.190.65 from WAN1.
What I need to do now is NAT traffic out 13.220.245.98.
How can I accomplish this?
Many thanks.
Hello Team,
You can try and check with ip pool mapping.
Regards
Thanks for your reply. Another wrinkle is that we have a 2nd ISP. I have SDWAN setup to use both ISPs. Our firewall outbound policies use the "Outside" SDWAN "interface. I have enable Central NAT to help direct Internet traffic. We are not hosting any servers internally. We just need to direct internal traffic out to the Internet using Central NAT. The Central NAT rule works fine for the 2nd ISP/WAN. However, when I use a "Dynamic IP Pool" for the AT&T ADI connection, traffic does not flow. I cannot ping from the AT&T Interface out to the Internet. I can still ping the AT&T gateway from the AT&T WAN interface. What else do I need to do? Thanks.
This is solved.
I set the WAN IP: 12.246.190.66/30
Gateway: 12.246.190.65/30
I added the 13.220.245.98 - 13.220.245.102 range as a "secondary IP."
Enabled Central SNAT.
Setup rule for each WAN. For ATT& WAN, I had a rule to go to use 13.220.245.98.
In CLI, associated ATT IPpool with WAN1:
Already had SD-WAN and Firewall policies setup to use SD-WAN.
Verified all was good.
User | Count |
---|---|
2549 | |
1356 | |
795 | |
646 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.