We have a customer that has 2 Sophos 220 (UTM v9 upgraded) and they had a problem with the NAT 1:1 feature. Their requirement is: all traffic from subnet 192.168.212.128/25 (behind ether6) needs to be translated 1 to 1 to 172.17.1.128/25 via eth5 before it comes to networks 172.16.9.0/24, 172.16.10.0/24.
E.g.: 192.168.212.155 -> 172.17.1.155 before going to network 172.16.9.0/24.
I have gone to their site and set up NAT 1:1 but it does not work. My configuration is as follows:
1. Go to NAT 1:1 feature in the Network Protection subs.
2. Select Rule type: 1:1 NAT
3. Select the matching conditions:
a. For traffic from: 192.168.212.128/25
b. Using service: Any
c. Going to: 172.16.9.0/24 and 172.16.10.0/24
4. Select action
a. 1:1 NAT mode: Source mapping
b. MAP to: 172.17.1.128/25
5. Checked “Automatic Firewall Rule”
I don't know what was wrong but it does not work (PC in 192.168.212.128 cannot go out to the internet) and the log reports dropped packets from 192.168.212.128.
I also tried using Masquerading and it worked properly. Can anyone give me an idea for this? Tks