Fortigate Virtual IP Port Forwarding Configuration/ Static NAT

On FortiGate devices Static NAT or Port Forwarding is made through the Virtual IP feature.

To map a port on an outside address to a internal ip you need to do two things:

Guide for setting up an IPSEC VPN tunnel between Sonicwall TZ200 and Fortigate

Sonicwall on premise, Fortigate in Datacenter

Aggressive mode , Sonciwall logs show the remote peer doesn't support NAT traversal

put in the peer id which is optional on the fortigate, and use the local id of the external interface (this may not matter)
then lots of messages showed up in the sonicwall complaining no such policy for FQDN id: xxxx.xxxx.xxxx.xxxx

FQDN is domain name,

Fortigate Firewall Policy Debug Procedures

Using diagnose debug flow to show traffic hitting a policy

You can use the diagnose debug flow command to show packet flow through the FortiGate unit. As packets are received you can view debug messages to show how the FortiGate unit processes them. The following command sequence displays packet flow for packets with IP address
The command output is extracted from actual command output and shows what happens after one packet is received:
Subscribe to RSS - fortigate