I would like to know how I check Source NAT pool resource.
I use an interface Source NAT in many policies.
I am worrying whether exhausted for a public IP or not.
It would be difficult to check this because the traffic can vary at different times.
You can do a session filter on policy and then check the sessions established for that policy that can give you an idea of how many session are using snat.
FGT also has a feature to generate logs if such a problem is faced:
Thank you very much for your answer.
It is really helpful for me.
And can I ask you further questions?
1. Is there OID of SNMP for the resource?
2. How many sessions(PAT) can Fortigate provide per one Public IP?
Unfortunately, there is no SNMP for checking relevant SNAT ports as far as I know.
For session, it depends on the source ports available. You can read here: https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/898655/static-snat
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2022 Fortinet, Inc. All Rights Reserved.