Fortigate ISP routed public subnet / DMZ (migrating from Sonicwall)
Hi all,
We are in the process of migrating a multi-tenant network from an old Sonicwall and are looking for better alternatives.
I really want to give Fortigates a go but I'm unsure whether it will satisfy our requirements; I could not find config examples online.
The public subnets we are given by the ISP are:
Public main WAN subnet 1: 1.0.0.0/29
Public ISP routed subnet 2: 2.0.0.0/30
Public ISP routed subnet 3: 3.0.0.0/30
I've assigned subnets 2 & 3 to tenants 2 & 3's gateway devices; for example, tenant 3 has a Draytek sitting behind the Sonicwall with a public IP address of 3.0.0.2 on it (3.0.0.1 is the Sonicwall). He needs to be able to do his own NAT.
The way I've done this on the Sonicwall is shown here: http://help.sonicwall.com/help/sw/eng/6500/25/9/0/content/Ch27_Network_Interfaces.031.39.html
Is there any way of doing this on the Fortigate and have a public subnet assigned to an internal host/VLAN/interface while bypassing the WAN interface's NAT?
Thanks for your time.
Simple. Create a set of policies without NAT for both directions. Since those are directly connected, you don't need any additional routing other than the default route.
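
A FortiOS CLI sketch of the reply above for tenant 3, added here as an example and not posted by anyone in the thread. It assumes the tenant's Draytek is attached to `port3`, the WAN interface is `wan1`, and the FortiGate takes over the 3.0.0.1 address the Sonicwall held; the interface, address-object and policy names are hypothetical.

```fortios
# Routed /30 lives directly on the tenant-facing port (assumed: port3).
# The Draytek (3.0.0.2) keeps 3.0.0.1 as its default gateway.
config system interface
    edit "port3"
        set mode static
        set ip 3.0.0.1 255.255.255.252
        set allowaccess ping
    next
end

# Address object for the routed subnet (hypothetical name).
config firewall address
    edit "tenant3-net"
        set subnet 3.0.0.0 255.255.255.252
    next
end

config firewall policy
    # Outbound: tenant keeps its public source address, so NAT is off.
    edit 0
        set name "tenant3-out"
        set srcintf "port3"
        set dstintf "wan1"
        set srcaddr "tenant3-net"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat disable
    next
    # Inbound: no VIP needed, traffic is routed to 3.0.0.2 as-is.
    # The tenant's own device does its NAT and filtering behind this.
    edit 0
        set name "tenant3-in"
        set srcintf "wan1"
        set dstintf "port3"
        set srcaddr "all"
        set dstaddr "tenant3-net"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat disable
    next
end
```

With no policy defined between the tenant-facing ports, the implicit deny keeps tenants 2 and 3 from reaching each other through the FortiGate.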
