Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
sviatoslav_redko
New Contributor

NAT limitation and SAP HANA protection design

Hello,

We do design for Fortigate SAP HANA solution and want to use Fortigate in NAT mode between corporate network and SAP HANA network. Also we suggested to put SAP HANA network behind the NAT (which implemented on FG). If SAP HANA has many inbound connection (for example, 5 000), and FG has SNAT limitation in 10 000, we will reach 1/2 NAT size, and if each connection will use 2 tcp ports we will reach SNAT maximum walue. FG model - 1200D.

So the questions is:

does anyone have the same experience and put SAP behind the NAT? Did you have any issues with NAT size?

is it good idea/practice to put SAP HANA behind the NAT and hide it from customer at all? Does anyone has different ideas?

 

Thank you for ideas and help,

Slava.

0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors