I just came here to clear my doubt as I don't have much experience in the fortigate firewall.
Let me tell you what I have done first-
In my organization, there is one server that is behind the LAN environment and needs internet services I just created one IP pool and policy with overload outgoing interface instead of outgoing interface -
Please see the below screenshot and clarify my doubt whether this method is good or not.
I was able to ping from 10.1.1.3 to 184.108.40.206 so my configuration is good or not. or any method we can do.
It's not good or bad. It's about what your strategy of routing those internet bound traffic through the FGT and then L3 router to the internet. Since most of your network is private subnets until hit the internet modem/router, your NATing at the FGT and the router are to hide the local subnets and show only outside/upstream interface IP or IP in the ippool to upstream device.
I wouldn't do any NAT though if you have admin access to L3 router and the internet modem/router. I would just set static route to all downstream subnets to download device. NAT takes some CPU time and memory. If not necessary, should be avoided.
But if you want to NAT it (twice) that would be fine too. And most importantly for you it's working. That's all you care, right?
1)In the concerned firewall policy You can define the "address object" in the source address and enable NAT option so the outgoing traffic will take any wan interface (if you have multiple wan interface configured).
Address object : Define the server subnet / specific Ip address.
This method will NAT the source ip to the outgoing interface ipaddress.
2)The second method is the way you have configured is also correct, here the outgoing traffic will take the "Specific ip "as the outgoing interface defined in IP pool .
Your way of approach is good if you want to map the outgoing traffic to single ip address .
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.