One to One Static NAT Configuration in FortiGate

Helpful guide to setup one-to-one Static NAT in FortiGate firewall so all inbound and outbound traffic of the server ( communicates via a specific Public IP address (

Inbound Static NAT

  • Navigate to ‘Virtual IP’ menu under ‘Policy & Objects’ and specify Public (External) and Private (Mapped) IP address details in the fields. ‘Interface’ option refers to the interface to which Public IP address is connected to.

HostGator $2.75 per month
24/7/365 Technical Support, Free Site Building Tools, 4500 Website Templates, Free Shopping Cart Software, Ideal for WordPress, 45 Day Money Back Guarantee

  • Create a Security Policy to allow inbound traffic from external interface to ‘Virtual IP’ created in the above step. You must turn off the NAT, as the NAT process will be taken care by FortiGate Virtual IP configuration.

Outbound Static NAT

  • Navigate to ‘IP Pools’ menu under ‘Policy & Objects’ and create a one-to-one NAT so that all outbound traffic from communicates via to internet.

  • While creating Security Policy for outbound traffic, choose ‘Dynamic IP Pool’ option and select the IP Pool created in the above step.