Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kiclee
New Contributor II

How should I check SNAT pool resource?

Hi

 

I would like to know how I check Source NAT pool resource.

I use an interface Source NAT in many policies.

I am worrying whether exhausted for a public IP or not.

 

Thanks

3 REPLIES 3
sagha
Staff
Staff

Hi kiclee, 

 

It would be difficult to check this because the traffic can vary at different times. 

You can do a session filter on policy and then check the sessions established for that policy that can give you an idea of how many session are using snat. 

 

FGT also has a feature to generate logs if such a problem is faced: 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-determine-whether-a-NAT-port-is-exh...

 

Thanks, 

Shahan

kiclee
New Contributor II

Hi sagha,

Thank you very much for your answer.

It is really helpful for me.

And can I ask you further questions?

 

1. Is there OID of SNMP for the resource?

2. How many sessions(PAT) can Fortigate provide per one Public IP?

 

Thanks

sagha

Hi kiclee, 

 

Unfortunately, there is no SNMP for checking relevant SNAT ports as far as I know. 

 

For session, it depends on the source ports available. You can read here: https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/898655/static-snat

 

Thank you. 

Shahan

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors