Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
afronczak
New Contributor

VIP and NAT problems with Site to Site VPN

Hi All,

 

I have a vendor that requires me to NAT our local IPS to an Encryption domain they assigned to me and am somewhat new to fortigate products. I am on version 5.2 Below is what I am trying to accomplish with no success I have the site to site established but can not get traffic to pass correctly, it hits my side and dies.

 

Inbound 

 From Vendor NAT IP (Remote side of Tunnel) (1.1.1.1.1/32) > Vendor Assigned Local IPs (Local side of tunnel) (10.250.83.160/28) > |Static NAT Table| >  LAN 10.23.2.x

 

Outbound

 From LAN 10.23.2.x > |Static NAT Table | Vendor Assigned Local IPs (Local Side of Tunnel)(10.250.83.160/28) > Vendor NAT IP (Remote side of tunnel)(1.1.1.1/32)

 

I have tried using VIP for inbound connection and IP Pools for outbound, I tried individually NATing each device acording to my created NAT table but can not get it to work. I even tried using central NAT all to no avail.

 

Does anyone have any success with NATing local IPs to another ip before sending over VPN?

 

Thanks,

AJ

 

 

 

 

0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors