Source NATing Fortigate typical scenario

        <img src="https://i.stack.imgur.com/fozGi.jpg" alt="enter image description here">
I have a small query with respect to NATing in Fortigate. I'm stuck in a particular scenario where the remote network allows users with a specific IP range and a specific port for RDP over a different set of physical links.

Users (192.168.60.0/24) in the LAN should connect to 10.48.1.3 on the remote network, which is connected to the Internal ports on the Fortigate (not WAN, since it is used for internet). The link between the remote network firewall and the Fortigate has been established (10.189.254.17-10.189.254.18). I can ping the remote firewall interface 10.189.254.17. The admin wants us to access 10.48.1.3 over port 3389 via 10.189.1.8-10.189.1.15 (allowed IPs on the remote firewall).

So basically, a user (e.g. source 192.168.60.15) needs to access destination 10.48.1.4 via the allowed IPs (10.189.1.8-10.189.1.15) over the physical link between the Fortigate and the remote firewall (10.189.254.18-18.189.254.17).

I have tried VIP (Static NAT) (Source NAT) port forwarding, IP Pool (Destination NAT), but no help. Please advise how to proceed. It is a typical scenario; can we achieve it?

Thanks in advance.

Faizan
