Hi
We have a setup with a FortiGate 61E and want to connect two PLCs with it. The normal application software (station), which cannot be changed, runs on one PLC. A simulation is running on the other PLC.
Basically it means that connections with different devices have to be pretended for the station. In order for the application to function correctly in the station, all devices which are created within the simulation must be connected. This means that the station sends data packets to several IP addresses and the simulation answers. The answers of the simulation have to be adapted in such a way that they look as if they come from many devices.
This would have to be done with a DNAT and SNAT for each connection. Each connection would be unique for both PLCs and would represent one device each.
The documentation for the version of FortiOS V5.6.3 also describes it (Combining source and destination NAT in the same policy).
Still, I can't make it work for me.
What do I have to do to make it work?
Cheers
Bugbear
Are the devices in the same subnet?
No. The PLCs are located in different subnets.
We have built a subnet to separate the regular application from the simulation. Our goal is to leave the station for the simulation untouched.
Furthermore, there is the possibility in the future that we will have to simulate more than 100 devices each with an individual IP address. As I understand it, we have to change the subnetwork for the simulation.
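An added example, not part of the thread and not Fortinet's own code: a small generator for the per-device DNAT plus SNAT layout described above, emitting one virtual IP, one one-to-one IP pool and one policy per simulated device so the rule set stays consistent when the device count passes 100. The interface names (`internal1`, `internal2`), the addresses, the object names and the `reserved` parameter are constructed assumptions, as is the choice of a one-to-one pool for the per-device source address.

```python
import ipaddress

def build_config(sim_ip, device_net, pool_net, count, reserved=(),
                 station_if="internal1", sim_if="internal2"):
    """Return FortiOS CLI text with one VIP, IP pool and policy per simulated device."""
    # Addresses already in use (simulation PLC, FortiGate interfaces) are skipped.
    skip = {ipaddress.ip_address(a) for a in (sim_ip, *reserved)}
    devices = [h for h in ipaddress.ip_network(device_net).hosts() if h not in skip]
    pools = [h for h in ipaddress.ip_network(pool_net).hosts() if h not in skip]
    if count > min(len(devices), len(pools)):
        raise ValueError(f"subnets too small for {count} devices")
    vip, pool, pol = [], [], []
    for n, (dev, src) in enumerate(zip(devices[:count], pools[:count]), 1):
        name = f"simdev{n:03d}"
        # DNAT: the address the station talks to is mapped to the simulation PLC.
        vip += [f'    edit "{name}-vip"', f'        set extintf "{station_if}"',
                f"        set extip {dev}", f'        set mappedip "{sim_ip}"', "    next"]
        # SNAT: a one-to-one pool gives this device its own source address,
        # so the simulation can tell the connections apart.
        pool += [f'    edit "{name}-pool"', "        set type one-to-one",
                 f"        set startip {src}", f"        set endip {src}", "    next"]
        # Policy that combines both translations for this one device.
        pol += ["    edit 0", f'        set name "{name}"',
                f'        set srcintf "{station_if}"', f'        set dstintf "{sim_if}"',
                '        set srcaddr "all"', f'        set dstaddr "{name}-vip"',
                "        set action accept", '        set schedule "always"',
                '        set service "ALL"', "        set nat enable",
                "        set ippool enable", f'        set poolname "{name}-pool"', "    next"]
    sections = [("vip", vip), ("ippool", pool), ("policy", pol)]
    return "\n".join("\n".join([f"config firewall {k}", *body, "end"]) for k, body in sections)

if __name__ == "__main__":
    # Constructed addressing: 10.10.1.0/24 for device addresses, 10.20.1.0/24 on the simulation side.
    print(build_config("10.20.1.10", "10.10.1.0/24", "10.20.1.0/24", 3, reserved=["10.20.1.1"]))
```

The size check fails early when a subnet cannot hold the requested number of devices, which is the point at which the simulation subnet would have to be enlarged.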
 
					
				
				
			
		