Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

NAT after server migration

Hello everyone!

Maybe some of you guys have an idea on how to accomplish this:

There are three sites each connected via site to site. Let's just say site A, B and C.

The DNS server will be moved from site A to site B. There it will get a new IP address. The problem is, that many clients have statically configured the server with the old IP as DNS server. My long-term plan is of course to change every client's DNS server to the new IP, but for the short-term, the solution I was thinking about is DNAT, so when the clients from site A, B and C are trying to access the old server ip, the Fortigates will DNAT to the actual new IP.

I tried setting up two VIPs on site A (since the traffic will arrive here since the routes stay the same for the old server ip subnet), with the interface being the ipsec interface for each site B and C but I couldn't since FortiGate would complain about overlapping IPs.

If there's a way to NAT directly on each site (also site B since the clients still have the site A's server IP configured), I couldn't figure it out...

I hope ya'll know what I mean.

Thanks in advance!

omegle xender

Hi Choll

Can you try create just one VIP with interface "any" instead of creating two VIPs with tun-B and tun-C as interfaces?


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors