Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 10 replies
  • Answers 2 answers
  • Subscribers 28 subscribers
  • Views 85404 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAN to LAN Inbound NAT - How To?

Enigy

I just recently installed the Sophos XG platform, coming from a UTM 9 firewall.  Question is, how do I create an inbound NAT to forward HTTPS (tcp 443) to an internal web server?  I've played around with the policy settings and cannot seem to figure out the proper way to set this up.   Any help?



This thread was automatically locked due to age.
Parents
  • 0

    Hi Enigy,

    DNAT/Full-Nat/1-1 NAT rules, along with server load balancing, and Webserver Protection, are now unified in the new Business Application rules in the policy table.

    When you create a new rule, you can choose either

    • HTTP Based - which will create a WAF rule
    • Non-HTTP Based - which will create a NAT rule

    Or you can choose from one of the available named templates, which are primarily WAF based, and help accelerate setup of protection for various web applications. You're not the first to notice that the naming makes it a little hard to find, if you're looking explicitly for something called NAT. We'll make this a little clearer in the next version. 

    To create a simple DNAT rule, just create a new Business rule, selecting the Non-HTTP based template. 

Reply
  • 0

    Hi Enigy,

    DNAT/Full-Nat/1-1 NAT rules, along with server load balancing, and Webserver Protection, are now unified in the new Business Application rules in the policy table.

    When you create a new rule, you can choose either

    • HTTP Based - which will create a WAF rule
    • Non-HTTP Based - which will create a NAT rule

    Or you can choose from one of the available named templates, which are primarily WAF based, and help accelerate setup of protection for various web applications. You're not the first to notice that the naming makes it a little hard to find, if you're looking explicitly for something called NAT. We'll make this a little clearer in the next version. 

    To create a simple DNAT rule, just create a new Business rule, selecting the Non-HTTP based template. 

Children
No Data