Professional Documents
Culture Documents
NAT
There are 2 types:
1. Source Nat
2. Destination Nat (VIP)
Example 2:
o Name: server-RDP
o Interface: wan (wan1)
o External IP Address/Range: 192.168.10.77
o Mapped IP Address/Range: 192.168.20.21
o Port Forwarding: Enable
o Protocol: TCP
o External Service Port: 4489
o Map to Port: 3389
If we accessing the system mean type like (192.168.10.77:3389)
Example 3:
o Name: server-SSH
o Interface: wan (wan1)
o External IP Address/Range: 192.168.10.77
o Mapped IP Address/Range: 192.168.20.21
o Port Forwarding: Enable
o Protocol: TCP
o External Service Port: 22
o Map to Port: 22
Step 2:
Policy and Object ---> Virtual IPs
Click Create New under that select Virtual IP Group
Step 3:
Policy and Object ---> IPv4 Policy
Click on create new
o Name: server policy 1
o Incoming Interface: wan (wan1) [ this is coming from internet to
system and this will act like source ]
o Outgoing Interface: lan (lan) [ this will act like destination ]
o Source: all
o Destination: Server ports (Virtual IP group members)
o Services: all
o Action: accept
o NAT: Enable
Security Profiles
o Antivirus: Enable (here no need to enable web filter and
application control because it is coming to local network)
o Log Allowed Traffic: All sessions
Source NAT
Step 4:
Policy and Object ---> IPv4 policy
Name: Overload
External IP Range: 192.168.10.77 – 192.168.10.77
This is the default setting. Internal addresses other than the one
designated in the policy can use this address for the purposes of NAT.
Example 2: One-to-One
Name: One-to-One
External IP Range: 192.168.10.80 – 192.168.10.81
Name: Fixed
External IP Range: 192.168.10.77 – 192.168.10.77
Block size: 128
Block Per User: 8