diff --git a/src/content/docs/magic-wan/configuration/manually/third-party/fortinet.mdx b/src/content/docs/magic-wan/configuration/manually/third-party/fortinet.mdx index 5a6f4d426251a8..d8d6fbca48fd0d 100644 --- a/src/content/docs/magic-wan/configuration/manually/third-party/fortinet.mdx +++ b/src/content/docs/magic-wan/configuration/manually/third-party/fortinet.mdx @@ -75,6 +75,28 @@ config system settings end ``` +### Configure NAT-T (optional) + +If you have NAT traversal (NAT-T) on your network, you need to enable this feature and initiate IKE communications on port `4500`. + +To set the IKE port, add the following to your system settings: + +```txt +config system settings + set ike-port 4500 +end +``` + +To enable NAT-T, add `set nattraversal enable` to the IPsec tunnels you are configuring. + +```txt +fortigate # config vpn ipsec phase1-interface + edit "" + set nattraversal enable +``` + +Refer to [Fortinet's documentation](https://community.fortinet.com/t5/FortiGate/Technical-Tip-IPSec-VPN-NAT-traversal/ta-p/197873) for more details. + ### Disable anti-replay protection For route-based IPsec configurations, you will need to disable anti-replay protection. The command below disables anti-replay protection globally, but you can also do this per firewall policy. Refer to Fortinet's documentation on [anti-replay support per policy](https://community.fortinet.com/t5/FortiGate/Technical-Tip-Anti-Replay-option-support-per-policy/ta-p/191435) to learn more.
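Review bot: In the second `txt` block of the new NAT-T section, `edit ""` has an empty tunnel name and the block stops after `set nattraversal enable` with no `next` or `end`, so a reader cannot tell which phase1-interface entry is being edited or where the snippet closes. The first block in the same section does close with `end`. Suggest putting a named placeholder in the `edit` line, closing the block, and dropping the `fortigate #` prompt so that both snippets are in the same paste-ready form. Separately, the heading marks the step as optional while the first sentence says "you need to enable this feature", and "If you have NAT traversal (NAT-T) on your network" does not say when that is the case; stating the condition (for example, the FortiGate sitting behind a NAT device) would resolve both. Since `set ike-port 4500` is added under `config system settings` rather than on the tunnel, it is also worth one sentence on whether it affects other IPsec tunnels configured on the same device.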