Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
sklotz
New Contributor II

Created on ‎08-24-2023 01:39 AM

FortiADC NAT Source Pool as VS-address

On FortiADC I tried to configure a NAT Source Pool with an IP-address of an existing VS, but seems to be not possible, as I get an error message saying that this IP-address is a duplicate to an existing VS.

Is this really a normal behavior and if so, why is there such a restriction?!?!?!
Background: we are currently planning a platform migration from F5-LTM to FortiADC and in F5 world we are using SNAT with the same IP-address as the VS itself.

How can this be configured with FortiADC?
Thank you!

Regards Stefan :)

Labels:
610
0 Kudos
2 Solutions
Anthony_E
Community Manager
Community Manager

Created on ‎08-28-2023 10:02 PM

Hi Stefan,

 

Could you please have a look at this documentation:

https://docs.fortinet.com/document/fortiadc/7.4.0/handbook/630669/using-source-pools

 

Tell me if it is helpful.

 

Regards,

Anthony-Fortinet Community Team.

View solution in original post

579
0 Kudos
sklotz
New Contributor II

Created on ‎10-11-2023 06:32 AM

Sorry for the late reply, but I get the solution in the meanwhile via internal Fortinet colleagues.
There is CLI command, where you can enable this globally.

config sys global

set share-ip-address enable

Once done, you are allowed to use a VS-IP within a SNAT pool.

Thank you!

 

Regards,
Stefan :)

 

View solution in original post

470
4 REPLIES 4
Anthony_E
Community Manager
Community Manager

Created on ‎08-27-2023 08:33 PM

Hello Stefan,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
587
0 Kudos
Anthony_E
Community Manager
Community Manager

Created on ‎08-28-2023 10:02 PM

Hi Stefan,

 

Could you please have a look at this documentation:

https://docs.fortinet.com/document/fortiadc/7.4.0/handbook/630669/using-source-pools

 

Tell me if it is helpful.

 

Regards,

Anthony-Fortinet Community Team.
580
0 Kudos
sklotz
New Contributor II

Created on ‎10-11-2023 06:32 AM

Sorry for the late reply, but I get the solution in the meanwhile via internal Fortinet colleagues.
There is CLI command, where you can enable this globally.

config sys global

set share-ip-address enable

Once done, you are allowed to use a VS-IP within a SNAT pool.

Thank you!

 

Regards,
Stefan :)

 

471
Anthony_E
Community Manager
Community Manager

Created on ‎10-11-2023 07:20 AM

Thank you Stefan :)!

Anthony-Fortinet Community Team.
466
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.