This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall Rule with Nat

When building a firewall rule that will utilize a system with a public IP nat, do I use the internal or public IP in the rule? Also do I need to build a dnat and snat for each public nat?

Inside Lan to Internet rule would I use the internal or public IP?

Internet to Inside Lan, would I use the public or internal IP?

Thanks.

This thread was automatically locked due to age.

Parents

0 BarryG over 11 years ago

Hi,

There are quite a few options for externally accessible servers, including:
DNAT + Masq
DNAT + SNAT
1-1 NAT
WAF
...

If you're trying to forward traffic from the Internet to your internal servers with a DNAT, the first Dest field is the external address.
The firewall rule would use the internal address as the destination.

If you have more questions, please post a specific example.

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BarryG over 11 years ago

Hi,

There are quite a few options for externally accessible servers, including:
DNAT + Masq
DNAT + SNAT
1-1 NAT
WAF
...

If you're trying to forward traffic from the Internet to your internal servers with a DNAT, the first Dest field is the external address.
The firewall rule would use the internal address as the destination.

If you have more questions, please post a specific example.

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data