Sidewinder Config (netmap) migration to FortiOS

Muhammad_Atif_Jauhar · ‎12-13-2014

Hi,

I am in progress to config migration Project from Sidewinder to Fortigate.

I am facing issue to migrate Sidewinder Netmap (Object and Policy) migration to Fortigate Config.

Kindly let me know what will be the configuration of fortigate similar to Sidewinder Netmap.

Sample Sidewinder Config is:

netmap add name=Test--external \ members=ipaddr:10.10.10.10:192.168.1.115,ipaddr:10.10.10.11:192.168.1.116 \ description='Rename netmap object as appropriate' \ last_changed_by='swadmin on Fri Oct 31 11:26:26 2008'

emnoc · ‎12-14-2014

When you pull that cfg with cf , I believe you are looking for the equal of firewall addr and addrgroups. So those address could be defined in a addr and then in a addrgroup

What are these address for and where are they used in the firewall policies.?

PCNSE

NSE

StrongSwan

Muhammad_Atif_Jauhar · ‎12-14-2014

Hi,

Basically, In Sidewinder netmap configuration, they doing maping from One IP to Others e.g. 10.10.10.10:192.168.1.115.

In this they are nating 10.10.10.10 IP to 192.168.1.115.

This Netmap is calling in Policy as Source Address and also opposite Netmap (192.168.1.115:10.10.10.10) in other Policy in Destination Address.

emnoc · ‎12-15-2014

Is this a public facing vip ( DNAT ) or SourceNAT ( SNAT )?I believe it's a SNAT but I haven't did anything on a sidewinder like in ages.

So if it's a SNAT, you could do a public-nat-pool and define the pool on the fwpolicy(s) that need SNAT for the policy.

Ken

PCNSE

NSE

StrongSwan

Sidewinder Config (netmap) migration to FortiOS

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website