Hi all,
I'm not sure if I should delete these Migrated NAT rules?
Looks like there is a load of connections being made against these? Could that cause a potential risk to my firewall?
Hi David Harrison1: Thank you for reaching out to the Sophos community team. Ideally, there would be no harm in deleting this SNAT rule if those are only configured/migrated to apply SNAT with the MASQ action. Once traffic reaches the XG, the XG will try to check for the matching NAT rule in top-to-bottom order, and at last it will match the default SNAT rule for the MASQ action (if you have not deleted this default SNAT rule). However, to be on the safer side, I would suggest first disabling them in off-hours or with proper downtime to avoid any impact, and validating the status for a couple of hours/days; if things are working fine, then you may delete those NAT rules which you have turned off.
Thanks, I disabled it (the one with most connections) and the whole business lost internet access (so quickly put it back on). So I guess that's required. Just a little concerning that it's now up to 615k connections translated. Sorry for my ignorance, but I'm not sure how many connection translations is normal per hour (45 users / light internet searching).