38
01-28008-0111-20050128
Fortinet Inc.
Configuring the networks
NAT/Route mode installation
Figure 10: FortiGate-60M NAT/Route mode connections
Configuring the networks
If you are running the FortiGate unit in NAT/Route mode, your networks must be
configured to route all Internet traffic to the IP address of the FortiGate interface to
which they are connected.
• For the internal network, change the default gateway address of all computers and
routers connected directly to your internal network to the IP address of the
FortiGate internal interface.
• For the DMZ network, change the default gateway address of all computers and
routers connected directly to your DMZ network to the IP address of the FortiGate
DMZ interface.
• For the external network, route all packets to the FortiGate WAN1 or WAN 2
interface.
If you are using the FortiGate unit as the DHCP server for your internal network,
configure the computers on your internal network for DHCP.
Make sure that the connected FortiGate unit is functioning properly by connecting to
the Internet from a computer on the internal network. You should be able to connect to
any Internet address.
INTERNAL
DMZ
4
3
2
1
LINK 100
LINK 100
LINK 100
LINK 100
LINK 100
LINK 100
LINK 100
WAN1
WAN2
PWR
STATUS
FortiGate-60M
DMZ
DMZ Network
Mail Server
Web Server
Internal Network
WAN2
WAN1
Internet
Broadband (cable or DSL)
T1
Wireless Network
Internal