Unable to do NAT when computer has 2 Network card, 2 subnet and 2 gateway

Etctan · ‎02-17-2023

I have 2 computer (A and B) with 2 net card and 2 Fortigate.

Computer A

network card A1 set (subnet 59.x)

192.168.59.2 subnet mask 255.255.255.0

Gateway 192.168.59.1

To Fortigate A (192.168.59.1)

Firewall Policy set subnet

192.168.59.0/24 source

192.168.69.0/24 des

And set reverse.

Computer B

network card B1 set (subnet 69.x)

192.168.69.2 subnet mask 255.255.255.0

Gateway 192.168.69.1

To Fortigate A (192.168.69.1)

Firewall Policy set subnet

192.168.69.0/24 source

192.168.59.0/24 des

Computer A

network card A2 set (subnet 60.x)

192.168.60.2 subnet mask 255.255.255.0

Gateway 192.168.60.1

To Fortigate B (192.168.60.1)

Firewall Policy set subnet

192.168.60.0/24 source

192.168.70.0/24 des

And set reverse.

Computer B

network card B2 set (subnet 70.x)

192.168.70.2 subnet mask 255.255.255.0

Gateway 192.168.70.1

To Fortigate B (192.168.69.1)

Firewall Policy set subnet

192.168.70.0/24 source

192.168.60.0/24 des

My objective is ping 59.2 to 69.2 and 60.2 to 70.2 through Fortigate NAT.

I can only ping from 59.2 to 69.2 if I remove Gateway from Network card A2.

If that is the case I can't ping 60.2 to 70.2.

Summary 1 can only set 1 gateway in 1 computer. But how to let 60.2 ping 70.2 from Fortigate B?

Potato · ‎02-18-2023

Add route on 60.2 :

dst: 192.168.70.2/32 Gateway: 192.168.60.1

Same concept for 70.2 as return route

This is not Fortigate issue related actually.

Nominate a Forum Post for Knowledge Article Creation