one-to-one NAT = Policy is using an Exhausted pool.

Nubbins · ‎08-15-2020

Hi There,

I'm new to FortiGate and seem to have issues with one-to-one NATs.

When I configure the "IP Pool" as One-to-One with a single public IP address (we have 64 Public Addresses) and then link it to an outbound firewall policy for a single internal host, I get a warning saying "it is using an exhausted IP Pool".

If I change the pool to overload (still with a single IP) the issue goes away but that seems like a bodge. It all seems to work fine but I hate seeing warnings that aren't an issue. Is this just a GUI glitch or am I doing something wrong?

I'm running 6.4.2 on a 60F HA pair.

Any pointers appreciated.

Thanks

lobstercreed · ‎08-15-2020

This is normal behavior on the FortiGate. You're not doing anything wrong. I agree that it is annoying to see the warning when nothing is wrong, but as long as I only see that warning on my single server policies, I just know that's what it is. If someone tried to add a second source, they would need to know why it's not working. If you want to request they change that behavior or perhaps get further explanation you could open a TAC case or discuss with your sales team.

Mbikoz · ‎01-16-2023

set to overload

one-to-one NAT = Policy is using an Exhausted pool.

Nominate a Forum Post for Knowledge Article Creation