Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 2 answers
  • Subscribers 26 subscribers
  • Views 325 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

turn of natting on one of the wan links

brucepott

Hi,

we have two WAN ports on an XG 135.

One port is configured with a public IP address and connects directly to the service provider.

Second port is configured with a private IP address ( 192.168.x.x ) and has as the gateway the router of the second service provider. The router of the service provider is doing the Natting.

Can I turn of NAT on our WAN link but keep it on on the other port?

Thanks and regards,

B.



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hey , Thanks for reaching out to Sophos Community.

    You can choose to turn off NAT for the second ISP port with private IP, But then you'll have to add a reverse route on the ISP router/device for all the networks of your local LAN (Network in XG's LAN) otherwise ISP router won't be able to forward reply packets because it won't have the source network (XG's LAN) information to forward the reply traffic.

  • 0 in reply to FormerMember

    Hi<

    thanks for the quick answer.

    ok, we have a reverse route on the other router, but where do I turn off the natting on th eWAN port? I can't find the setting

    b.

  • FormerMember
    0 FormerMember in reply to brucepott

    if you're running v18 or above, You'll need two different NAT rules with respective outbound interfaces selected. You can keep "original" in the "Translated source SNAT" option where you don't want NATing. Keep "MASQ" where NATing is needed.

Reply
  • FormerMember
    0 FormerMember in reply to brucepott

    if you're running v18 or above, You'll need two different NAT rules with respective outbound interfaces selected. You can keep "original" in the "Translated source SNAT" option where you don't want NATing. Keep "MASQ" where NATing is needed.

Children
No Data