Source NATing Fortigate typical scenario


I have a small query with respect to NATing in Fortigate. I'm stuck on a particular scenario where the remote network allows users with a specific IP range with a specific port for RDP over a different set of physical links.

Users (192.168.60.0/24) in the LAN should connect to 10.48.1.3 on the remote network, which is connected to internal ports on the Fortigate (not WAN, since it is used for internet).

The link between the remote network firewall & Fortigate has been established (10.189.254.17-10.189.254.18). I can ping the remote firewall interface 10.189.254.17.

The admin wants us to access 10.48.1.3 over port 3389 via 10.189.1.8-10.189.1.15 (allowed IPs on the remote firewall).

So basically, a user (e.g. source 192.168.60.15) needs to access destination 10.48.1.4 via the allowed IPs (10.189.1.8-10.189.1.15) over the physical link between Fortigate & remote firewall (10.189.254.18-18.189.254.17).

I have tried VIP (Static NAT) (Source NAT) port forwarding and IP Pool (Destination NAT), but it did not help.

Please advise how to proceed. It is a typical scenario; can we achieve it?
