Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
HyTronix
New Contributor

Site to Site IPSEC between to FortiGates - SNAT Question

I have two fortigates with a site-to-site VPN connection.  This works fine, and is configured like this:

 

192.168.10.0/24->Fortigate 1->WAN->Internet->WAN->Fortigate 2->192.168.20.0/24

 

My question is, can a pool be created on Fortigate 1, say a portion of the 192.168.10.0/24 network, for example, 192.168.10.200-250, that incoming connections from remote network 192.168.20.0/24 get mapped to?

 

End goal is to make devices on 192.168.20.0/24 appear to the server on 192.168.10.0/24 that they are on the same subnet as the server.

 

Thanks,

 

-John

2 REPLIES 2
HarshChavda
Staff
Staff

Hello @HyTronix ,

 

Yes, you can create an IP Pool on FortiGate 1 with the range 192.168.10.200-250 and apply it to the VPN policy that allows traffic from 192.168.20.0/24 to 192.168.10.0/24. When enabling NAT in the policy, select the created IP Pool.

mle2802
Staff
Staff
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors