Hello to all, I'm trying to route outgoing traffic through different public IP addresses.
This is the current setup
At my FortiGate 200D (v6.0.3) the WAN1 port configure with a manual IP address that I got from my ISP, for example, the IP is - 31.150.10.116/255.255.255.240.
This WAN1 is connected to a Cisco 1941 router with the static IP 31.150.10.113/255.255.255.240
and at the FortiGate the static route set to:
Destination : 0.0.0.0/0.0.0.0 -> Gateway: 31.150.10.115
At the current setup the trafice route through the Public IP - 31.150.10.16
Now, I like to remove the cisco route and do all the routing through the FortiGate appliance.
The issue is that when I set the WAN1 Port with the ISP IP 31.154.12.50 + static route to 31.154.12.49 I'm losing the former IP address (31.150.10.16)
Anyone has any idea how to do it?
Thanks/
Hello,
You can use IP Pool on your FortiGate to use a different IP address when outgoing on your WAN link.
You can use the type overload for your setup.
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/29961/dynamic-snat
> The issue is that when I set the WAN1 Port with the ISP IP 31.154.12.50 + static route to 31.154.12.49 I'm losing the former IP address (31.150.10.16)
You don't need to set the IP address 31.154.12.50 on the interface while using IP Pool.
Regards,
Kavin
I'd say you don't need to use SNAT via IP pool at all.
If you look at it, removing the Cisco router means to remove the need for a "transfer network" 31.150.10.0/xx. The Cisco's WAN IP moves to the FGT's WAN port, and that's all. The default route on the FGT needs to point to the ISP's gateway at the other end of the WAN connection - you can see this address in the Cisco's routing table.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.