Yes I understand your scenario and your requirement ..to access resources on remote firewall on port RDP ie 3389 from fortigate 200d connected switch lan users
For your requirement no natting required.
.
Please configure static route in fortigate 200D as below
Ip route 10.48.1.0 255.255.255.0 points towards gateway 10.189.254.17
And for reverse traffic static route in remote n
/W firewall
Ip route 192.168.60.0 255.255.255.0 pointing towards gateway 10.189.254.18
And have a security policies in firewalls allowing traffic
Policy in fortigate 200D
Source interface : interface Port need to mention Destination interface : interface Port need to mention Source address :192.168.60.15/32 Destination address :10.48.1.4/32 Port :tcp-3389 Action : allow Security profiles : on
Now security policy in remote n/w firewall
Source interface : egress interfĂ e of firewall Destination interface :ingress interface of firewall Source address : 192.168.60.15/32 Destination address :10.48.1.4/32 Port :3389/TCP Action : allowed Security profiles :on
.
Now user of fortigate 200D lan users can access internal hosted server on remote network firewall on port 3389
For futher security if you wants to hide your ips then you can use source natting in fortigate 200D firewalls but to accomplish this you need to configure static route in fortigate 200d with destination as source nat pool pointing.
Towards gateway 192.189.254.17..likewise..
Best Answer
It's not possible to see any CLI history for all users. You can use arrow up to see what you entered yourself (in the current session). With the following CLI command you can see how many lines are stored in the history buffer:
get gui console status