Hi everybody, I've got a FortiWiFi (which I think it's pretty similar to a FortiGate but with a WiFi interface, correct me if I'm wrong) and it's in NAT mode, so I'm wondering if has this something to do with the fact that I have had to enable NAT for some policies, to be able to reach equipments in one VLAN from another different VLAN.
I mean, to clarify, here a table with info about these VLANs
+-----------+-----------+-----------------+--------------------------------+---------------------------+ | VLAN ID | interface | IP/Netmask | DHCP Range | Related address object | +-----------+-----------+-----------------+--------------------------------+---------------------------+ | 10 | internal5 | 10.100.0.1/12 | 10.100.0.2-10.100.255.253 | 10.96.0.0/12 | +-----------+-----------+-----------------+--------------------------------+---------------------------+ | 20 | internal1 | 172.20.1.1/24 | 172.20.1.2-172.20.1.254 | 172.20.1.0/24 | +-----------+-----------+-----------------+--------------------------------+---------------------------+
So I've created a policy with the '172.20.1.0/24' address object as source and '10.96.0.0/12' address object as destination but apparently I have to enable NAT for that policy if I want to reach hosts in the VLAN 10, is this right? Why is this?
Thank you all, and excuse my ignorance with networking topics if so.
PS: Obviously VLAN ID is just a way to tag every VLAN and it's more related with the switches in my network, but that's the setup that I've got.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Are you talking about enabling NAT (as in NAT mode vs transparent mode) on the entire firewall, or enabling NAT in the policies? BIG difference.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Ah, sorry about that. Enabling NAT on the policy.
rwpatterson wrote:Are you talking about enabling NAT (as in NAT mode vs transparent mode) on the entire firewall, or enabling NAT in the policies? BIG difference.
Ah, sorry about that. Enabling NAT on the policy.
Currently I have same issue. Is there any way to disable NAT or without setting gateway?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1629 | |
1063 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.