DescriptionIn some cases, we may need to send out the traffic with the specific source IP address which is not wan1 or wan2 IP addresses which we have at the external interface.
We may need to use the IP Pool with the firewall policy to do this.
ScopeFortiGate.
SolutionFor v5.0:
1) Using the GUI go to Firewall Objects > Virtual IPs > IP Pools > Create New and set the parameter values as follows:
Name : NAT24
Type : Overload
External IP Range/Subnet : 24.24.24.24-24.24.24.24
ARP Reply : enable
2) Create the firewall policy from the source interface to the destination interface as required and set the IP Pool to Enable NAT. Select the option to 'Use Dynamic IP Pool' and choose the one that had been created in the previous step (For example: 'NAT24').
When the traffic passes through this firewall policy, it will NAT out with the IP address of the IP Pool (NAT24 with 24.24.24.24) as required.