Installing FortiGate in NAT mode

Installing FortiGate in NAT mode in just a few steps.

Connecting network devices

Fortigate Mode Nat1

First of all, in this example you connect and configure a new FortiGate in NAT mode in order to securely connect a private network to the Internet.

In NAT mode, you install it as a gateway or router between two networks. Normally, you set up the Firewall between a private network and the Internet, since it allows the FortiGate hide the IP addresses of the private network using NAT.

As a result, NAT mode is the most commonly used operational mode in implementations.

Configuring Interfaces in FortiGate Firewall

  1. At first, to edit the Internet-facing interface (in the example, wan1), go to Network > Interfaces.
  2. Secondly, set the estimated bandwidth for the interface based on your Internet connection.
  3. Also, set the function to WAN.
Fortigate1 interface
Configuration Screen

Important steps

  1. First of all, to determine which addressing mode to use, check whether your ISP provides an IP address for you to use or whether the ISP equipment uses DHCP to assign IP addresses.
    1. Whereas if your Internet service provider gives you an IP address, set the addressing mode to Manual and set the netmask / IP for that IP address.
    2. On the other hand, if your ISP equipment uses DHCP, set the Addressing mode to DHCP to allow the equipment to assign an IP address to the WAN1.
  2. Edit the lan interface, which is called internal on some FortiGate models.
  3. Set the function to LAN.
  4. Set the Addressing mode to Manual and set the netmask / IP to the private IP address you want to use for the FortiGate.
  5. However, if you need to assign IP addresses to devices on your internal network, activate the DHCP Server.
Dhcp Fortigate 11
Firewall Interface Screen

Adding a default route

Adding a default route in FortiGate Firewall

  1. To create a new default route, go to Network > Static routes . Normally, you only have one default route. If the list of static routes already contains a default route, you can edit it or delete the route and add a new one.
  2. Set Destination to Sub - network and leave the destination IP address set to 0.0.0.0/0.0.0.0.
  3. Set Gateway to the IP address provided by your ISP and Interface to the Internet interface.
Default Route Fortigate1
Adding Routes

Enjoying the content? Share it!

Picture of Rodrigo Torres

Rodrigo Torres

With over 20 years' experience in technical and commercial areas in different markets. Specialized in recruiting, training, managing and strategically developing corporate partners in the IT industry.

Latest Content:

EN
EN PT ES