NAT46 policy

NAT46 refers to the mechanism that allows IPv4 addressed hosts to communicate with IPv6 hosts. Without such a mechanism, IPv4 environments cannot connect to IPv6 networks.

Sample topology

In this example, an IPv4 client tries to connect to an IPv6 server. A VIP is configured on FortiGate to map the server IPv6 IP address 2000:172:16:200:55 to an IPv4 address 10.1.100.55. On the other side, an IPv6 IP pool is configured and the source address of packets from client are changed to the defined IPv6 address. In this setup, the client PC can access the server by using IP address 10.1.100.55.

Sample configuration

To configure NAT46 in the GUI:
  1. Enable IPv6:

    1. Go to System > Feature Visibility.
    2. In the Core Features section, enable IPv6.
    3. Click Apply.
  2. Configure the VIP:

    1. Go to Policy & Objects > Virtual IPs and click Create New > Virtual IP.
    2. Enter the following:

      VIP type

      IPv4

      Name

      vip46_server

      Interface

      port2

      Type

      Static NAT

      External IP address/range

      10.1.100.55

      Map to IPv6 address/range

      2000:172:16:200::55

    3. Click OK.
  3. Configure the IPv6 IP pool:

    1. Go to Policy & Objects > IP Pools and click Create New.
    2. Enter the following:

      IP