EMAIL SUPPORT

dclessons@dclessons.com

LOCATION

NZ

LAB Configuring FortiGate in NAT-Route Mode

LAB Configuring FortiGate in NAT-Route Mode

Posted on Jan 13, 2020 (0)

LAB Configuring FortiGate in NAT-Route Mode

In the mode you will learn when a Fortigate is installed between LAN and Internet/WAN then how user inside LAN access the WAN network or internet network. In this Mode Fortigate hide the private IP address of the users and provides the access to network.

Task:

  • Configure Interface as Internal as IP 10.10.10.30/24
  • Configure Interface as External as IP 142.100.64.30/24
  • Configure PC with IP 10.10.10.40/24
  • Add default route pointing towards 142.100.64.1/24
  • Create a policy to allow from Internal Interface to External Interface with Source All and Destination All and enable NAT Section.
  • Also Enable Logging Section.

Solution:

Step1: Configuring the FortiGate’s interfaces

Go to Network > Interfaces and edit the Internet-facing interface (in the example, External). If the fortunate is connected directly select Manual and provide the IP address provided by ISP.

Edit the LAN interface (called internal on some FortiGate models). Make sure the interface's Role is set to LAN.

Step2: Adding a default route

Go to Network > Static Routes and create a new route and add default route pointing to ISP.

Step 3: Creating a policy to allow traffic from the internal network to the Internet

Go to Policy & Objects > IPv4 Policy and create a new policy

Provide all input as described in below figure and also turn on NAT and make sure Use Outgoing Interface Address is selected.

Scroll down to view the Logging Options. In order to view the results later, enable Log Allowed Traffic and select All Sessions.

Now once you browse internet or ping 8.8.8.8 from your machine , you will get logs as per below figure.


Comment

    You are will be the first.

LEAVE A COMMENT

Please login here to comment.