Ip Pools - Fortinet FortiGate Series Administration Manual

Hide thumbs Also See for FortiGate Series:

Table of Contents

Firewall Virtual IP

IP pools

FortiGate Version 4.0 MR1 Administration Guide

01-410-89802-20090903

http://docs.fortinet.com/

Figure 260: Editing a VIP group

Available VIPs and

Use IP pools to add NAT policies that translate source addresses to addresses randomly

selected from the IP pool, rather than the IP address assigned to that FortiGate unit

interface. In Transparent mode, IP pools are available from the FortiGate CLI.

An IP pool defines an address or a range of IP addresses, all of which respond to ARP

requests on the interface to which the IP pool is added.

Select Enable Dynamic IP Pool in a firewall policy to translate the source address of

outgoing packets to an address randomly selected from the IP pool. An IP pool list

appears when the policy destination interface is the same as the IP pool interface.

With an IP pool added to the internal interface, you can select Dynamic IP pool for policies

with the internal interface as the destination.

Add multiple IP pools to any interface and select the IP pool to use when configuring a

firewall policy.

A single IP address is entered normally. For example, 192.168.110.100 is a valid IP

pool address. If an IP address range is required, use either of the following formats.

x.x.x.x-x.x.x.x, for example 192.168.110.100-192.168.110.120

x.x.x.[x-x], for example 192.168.110.[100-120]

Enter or modify the group name.

Select the interface for which you want to create the VIP group. If you

are editing the group, the Interface box is grayed out.

Select the up or down arrow to move virtual IPs between Available

VIPs and Members. Members contains virtual IPs that are a part of

this virtual IP group.