Nat/Route Mode; Transparent Mode - Fortinet FortiGate FortiGate-5001FA2 Security System Manual
Fortinet fortigate fortigate-5001fa2: user guide
Hide thumbs
Also See for FortiGate FortiGate-5001FA2:
- Installation manual (64 pages) ,
- Introductions manual (39 pages) ,
- Quick start manual (2 pages)
Table of Contents
Advertisement
Planning the configuration
NAT/Route mode
Transparent mode
22
In NAT/Route mode, the FortiGate-5001FA2 security system is visible to the
networks that it is connected to. Each interface connected to a network must be
configured with an IP address that is valid for that network. In many
configurations, in NAT/Route mode all of the FortiGate interfaces are on different
networks, and each network is on a separate subnet.
You would typically use NAT/Route mode when the FortiGate-5001FA2 security
system is deployed as a gateway between private and public networks. In the
default NAT/Route mode configuration, the FortiGate-5001FA2 security system
functions as a firewall. Firewall policies control communications through the
FortiGate-5001FA2 security system. No traffic can pass through the
FortiGate-5001FA2 security system until you add firewall policies.
In NAT/Route mode, firewall policies can operate in NAT mode or in Route mode.
In NAT mode, the FortiGate firewall performs network address translation before
IP packets are sent to the destination network. In Route mode, no translation
takes place.
Figure 7: Example FortiGate-5001FA2 board operating in NAT/Route mode
NAT mode policies
controlling traffic between
internal and external
networks.
PWR ACC
Internal
192.168.1.99
network
Route mode policies
controlling traffic between
Internal networks.
In Transparent mode, the FortiGate-5001FA2 security system is invisible to the
network. All of the FortiGate-5001FA2 interfaces are connected to different
segments of the same network. In Transparent mode you only have to configure a
management IP address so that you can connect to the FortiGate-5001FA2
security system to make configuration changes and so the FortiGate-5001FA2
security system can connect to external services such as the FortiGuard
Distribution Network (FDN).
Internet
port2
FortiGate-5001FA2 module
204.23.1.2
in NAT/Route mode
USB
1
2
3
4
5
6
7
8
CONSOLE
STA IPM
port1
port3
10.10.10.1
FortiGate-5001FA2 Security System Guide
Quick Configuration Guide
NAT mode policies
controlling traffic between
internal and external
networks.
Internal
network
01-30000-0379-20080606
Advertisement
Table of Contents
Need help?
Do you have a question about the FortiGate FortiGate-5001FA2 and is the answer not in the manual?