NAT46 policy

NAT46 refers to the mechanism that allows IPv4 addressed hosts to communicate with IPv6 hosts. Without such a mechanism, IPv4 environments cannot connect to IPv6 networks.

Sample topology

In this example, an IPv4 client tries to connect to an IPv6 server. A VIP is configured on FortiGate to map the server IPv6 IP address 2000:172:16:200:55 to an IPv4 address On the other side, an IPv6 IP pool is configured and the source address of packets from client are changed to the defined IPv6 address. In this setup, the client PC can access the server by using IP address

Sample configuration

To configure NAT46 in the GUI:
  1. Enable IPv6:

    1. Go to System > Feature Visibility.
    2. In the Core Features section, enable IPv6.
    3. Click Apply.
  2. Configure the VIP:

    1. Go to Policy & Objects > Virtual IPs and click Create New > Virtual IP.
    2. Enter the following:

      VIP type







      Static NAT

      External IP address/range

      Map to IPv6 address/range


    3. Click OK.
  3. Configure the IPv6 IP pool:

    1. Go to Policy & Objects > IP Pools and click Create New.
    2. Enter the following: