XG and Dnats

Question

I am coming from the old utmost's side and busy learning all the new xg stuff. One thing I have not found is if I am trying to build a new XG and obviously trying to build all the gnats from the utmost side. It will load the gnats and bind the appropriate external ip address which of course if the box is plugged into the network will collide with the utm's ip addresses. Does simply turning off the dnats unbind the ip addresses? I miss the simpleness of the UTM side. Flip a switch. Yes the same to a point on XG. But takes many more clicks on the XG side. So if rebuilding the firewall it is a bit of a pain. Anyway enough ranting. Really need to understand where or when the ip address actually binds for that secondary ip agrees. 
 Thanks for any help

Jevin Lizardo · Answer

This would depend on how the XG and the UTM is connected to the default gateway. If they are on the same broadcast domain then turning off the DNAT would do nothing as the XG will respond to ARP requests for the alias or binded external IP address. 
 However, if they are on a separate broadcast domain or subnet then it shouldn't be a problem as long as the routes to the external IP address are still pointed to the UTM. 
 Hope this is makes sense!

XG and Dnats

Top Replies