Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
live89
Contributor II

ip pool NAT

Hi Is there a way to exclude one ip address from NAT IP pool ? Today I'm splitting the ip pool into two pools and then attach them to the policy ... this is frustrating .. because sometimes I need to exclude more than one IP it would be nice to have this feature

Thanks

Thanks
3 REPLIES 3
ede_pfau
SuperUser
SuperUser

Is this a question or a feature request? IMHO you're doing it already the way it's got to be.

The next feature request would be to be also able to negate the IP range...

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
live89

Hi @ede_pfau

Thanks for the response

 

The way I'm doing it today is frustrating, because sometimes I need to exclude more than one IP, and for that I'm splitting the ip pool into more than two ip pools.

 

And also I'm not pretty sure about how the Fortigate behave when splitting ip pool into more than one , I mean how it behaves with load balancing the source ip addresses with the NAT overload

is it using equally both ip pools ? is it using the multiple ip pool from top to down in the fwpolicies ?

Thanks

Thanks
ede_pfau

AFAIR pools are used until exhausted, that is, first pool, then next.

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors