STATIC 1-1 NAT with Alias

Question

HI , 
 I'm trying to configure an XG firewall with STATIC NAT for an internal server . 
 We have the following : 
 - WAN Interface with its public IP and an alias defined . We need to configure the static NAT to use the ALIAS address 
 - An internal server with ip address 172.26.1.188 
 We need that this internal server is NATTED to the WAN ALIAS while connecting to internet AND PUBLISHED to internet with the ALIAS address 
 I found the articles referring to creating a business non-http publishing rule but it seems not to work as expected 
 
 here the configuration I made : 
 Source : Any 
 hosted server : Source Zone WAN , Hosted address #port2:0-aliasip 
 protected server : Protected zone : LAN , Protected server : SERVERTEST ( object created ) 
 POrt forwarding all 
 
 But it does not work , neither I can access the server from outside neither the server can access internet 
 thanks

varunparikh · Accepted Answer

Hi Stefano 
 it looks like you are XG v15 at the moment. If you update to XG v16, you'll find the full NAT, DNAT option in the templates for business firewall rules. Please see the screenshot below 
 
 When on the policy page, you can create the NAT policy on the same page and also select reflexive rule (for outbound traffic - reflexive rule is the opposite of the rule being created, eg. if you create a WAN -> LAN rule, reflexive of it would be LAN > WAN). 
 
 Hope this helps

Aditya Patel · Answer

Hi StefanoColombo, 
 By any chance you have applied NAT Masq while accessing the server from outside , and if you want your server to communicate to WAN via an Alias address. You would need to create a NAT policy and add into the rule which Route through gateway where the alias is bind with .For additional information could you try to access locally and also check the tcpdump and post your answers. 
 Thanks and Regards 
 Aditya Patel