You do not need a conversion tool in order to do NAT. Look at each NAT and apply it a central-NAT or per-policy as required. The concept are equally the same between ciscoASA and FortiOS
# DNAT rules cisco ASA object network webserverdnat host 220.127.116.11 nat (inside,outside) static 18.104.22.168 # DNAT VIP FGT port-forward tcp80 config firewall vip edit webserverdnat set comment "DANT TO rfc1918" set extintf wan1 set extip 22.214.171.124 set mappedip 126.96.36.199 set portforward enable set protocol tcp set extport 80 set mapped port 80 end # DNAT VIP FGT config firewall vip edit webserverdnat set comment "DANT TO rfc1918" set extintf wan1 set extip 188.8.131.52 set mappedip 184.108.40.206 end # cisco DNAT port forward object network WebServerCH3-LAMPSRV01 host 220.127.116.11 nat (inside,outside) static 18.104.22.168 service tcp 80 80 ! # cisco pat overload to a pool object network MYLAN subnet 22.214.171.124. 255.255.255.0 object network SNATPOOL subnet 192.0.2.1 255.255.255.255 nat (inside,outside) 1 source static MYLAN MYLAN destination static SNATPOOL SNATPOOL #FortiOS CENTRAL-NAT config firewall ippool edit publicpoolA set type overload set startip 192.0.2.1 set endip 192.0.2.1 end config firewall central-snat-mapedit 1 set orig-addr <pre-nat.src.addr> set dst-addr <pre-nat dst.addr> set nat-ippool ippool publicpoolAend That a few examples I can think of, just determine if you want central-net or nat within the policy. Thank of central net the same as ciscoASA, Palo,Juniper,CHKP,Forcepoint NAT-tables. YMMV but both are equally beneficial and easy concepts to figure out. Ken Felix
depending on when you bought the FortiGate FortiConverter is a free service.
but if that isn't an option then you best understand what the ASA does very well. then it is not that hard to configure the FortiGate in a similar way if you understand FortiGate also. if there is an issue with understanding one of them look for assistance, that will probably also come with a price.
unfortunately i now see it is a purchased service also, probably cheaper then the forticonverter license, which is quite affordable and probably easier to purchase when you buy the equipment then later.
You can download the forticonverter python based free tool from support site. (Download > Product=Foriconverter > Download: / FortiConverter/ v5.00/ 5.6/ 5.6.2/ FortiConverterSetup_5.6.2_Build0541.py.exe).
I used a few weeks ago and it was easy peasy...
the new (python) version is not free, both the legacy and new version require a license (which is shared between both).
from the release notes:
For all 3rd party conversions, you can complete a conversion and view the results in the tuning page. All other functionality is disabled until you upload the full license. In most cases, this limited functionality is sufficient to allow you to evaluate the product.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.