Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
peter-supply
New Contributor II

AT&T ADI WAN Setup on Fortigate

We have an AT&T ADI Circuit from AT&T.

 

Example of what we have been given from AT&T (this is not our actual IP info, just an example).

 

CR Serial IP Address: 12.246.190.66/30
AR Serial IP Address: 12.246.190.65/30
Wan IP Address: 12.246.190.64/30


IPV4 Block: 13.220.245.96/29
Usable IP Range: 13.220.245.98 - 13.220.245.102

 

We have given our WAN1 interface the 12.246.190.66 IP.

 

We have a static route that points traffic to 12.246.190.65.

 

I can ping the 12.246.190.65 from WAN1.

 

What I need to do now is NAT traffic out 13.220.245.98.  

 

How can I accomplish this?

 

Many thanks.

3 REPLIES 3
hst1
Staff
Staff

Hello Team,

You can try and check with ip pool mapping.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-SNAT-with-IP-pool/ta-p/19...

 

Regards

peter-supply
New Contributor II

Thanks for your reply.  Another wrinkle is that we have a 2nd ISP.  I have SDWAN setup to use both ISPs.  Our firewall outbound policies use the "Outside" SDWAN "interface.  I have enable Central NAT to help direct Internet traffic.  We are not hosting any servers internally.  We just need to direct internal traffic out to the Internet using Central NAT.  The Central NAT rule works fine for the 2nd ISP/WAN.  However, when I use a "Dynamic IP Pool" for the AT&T ADI connection, traffic does not flow.  I cannot ping from the AT&T Interface out to the Internet.  I can still ping the AT&T gateway from the AT&T WAN interface.  What else do I need to do?  Thanks.

peter-supply
New Contributor II

This is solved.

 

I set the WAN IP: 12.246.190.66/30
Gateway: 12.246.190.65/30

 

I added the 13.220.245.98 - 13.220.245.102 range as a "secondary IP."

 

Enabled Central SNAT.

 

Setup rule for each WAN. For ATT& WAN, I had a rule to go to use 13.220.245.98.

 

In CLI, associated ATT IPpool with WAN1:

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-associate-a-NAT-pool-IP-pool-to-a-p...

 

Already had SD-WAN and Firewall policies setup to use SD-WAN.

 

Verified all was good.

Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors