Hi all,
I am setting up a Site-2-site VPN from our hosting center to a customer network. (I only have control of the Fortigate at our end.) However the LAN addresses used on the customer network, is already used by another of our customers.
Can I NAT the remote networks addresses in my end? Any description of how to set this up?
I have tried finding info in the Forti Cookbook, but didn't find this scenario.
TYIA.
Solved! Go to Solution.
hm I think you can do that by setting the policy that allows the traffic to do dnat either with the ip of the destination iface or an ip pool.
I do that here with our homeiffice vpns because for one application they need to have an ip in our office lan. So I set the policy on my side to dnat all traffic to this app with an ip out of an ip pool inside our office lan.
But dnat with destination interface ip should do the same.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Noone can tell me, if it's even possible?
hm I think you can do that by setting the policy that allows the traffic to do dnat either with the ip of the destination iface or an ip pool.
I do that here with our homeiffice vpns because for one application they need to have an ip in our office lan. So I set the policy on my side to dnat all traffic to this app with an ip out of an ip pool inside our office lan.
But dnat with destination interface ip should do the same.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
User | Count |
---|---|
2677 | |
1412 | |
810 | |
703 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.