This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can you explain NAT options on UTM?

I need to map an external address to an internal address, and the same internal address back to the original incoming address, on a session by session basis. I cannot use automatic 1:1 mapping. I need to specify the addresses, which may not be sequential. For instance:

Internet-facing IP: 204.28.120.190/23

On a session-by-session basis:

Inbound source IP: w.x.y.z
Inbound target IP: 204.28.120.177
NAT: 204.28.120.177 (WAN) -> 10.10.10.30 (LAN)

Outbound source IP: 10.10.10.30 (LAN)
Outbound target IP: w.x.y.z
NAT: 10.10.10.30 (LAN) -> 204.28.120.177

There are a variety of options, like DNAT, SNAT, 1:1 NAT and full NAT. Does anyone know which one to choose, or how to set up a ocmbination, that works?

Thanks!

This thread was automatically locked due to age.

Parents

0 BAlfson over 11 years ago

No, one IP at a time - see #4 in Rulz.

You're right, Dave, I should have used x for the public and y for the private IPs.

If you're accepting inbound requests, you must send the replies from the same IP or the requestor's firewall will drop the response. The rules I gave would result in the following:

Inbound request: [66.77.88.99 -> HTTP -> 204.28.120.150]
Outbound response: [204.28.120.150 -> HTTP Response -> 66.77.88.99]

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 11 years ago

No, one IP at a time - see #4 in Rulz.

You're right, Dave, I should have used x for the public and y for the private IPs.

If you're accepting inbound requests, you must send the replies from the same IP or the requestor's firewall will drop the response. The rules I gave would result in the following:

Inbound request: [66.77.88.99 -> HTTP -> 204.28.120.150]
Outbound response: [204.28.120.150 -> HTTP Response -> 66.77.88.99]

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data