cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

NAT process for self-originated traffic

Jump to solution

Hi,

Does the traffic generated by the Security Gateways gets NATted or is NAT only applied to traffic traversing the appliances? 

0 Kudos
1 Solution

Accepted Solutions

Re: NAT process for self-originated traffic

Jump to solution

Only the source IP address of traffic originated from the gateway itself may be NATted, since that traffic will only pass through inspection points oO where source NAT operations occur.  Destination NAT occurs between iI which will never see or handle gateway-originated traffic.  Traffic originated from the gateway and traffic whose destination IP address is an interface of the gateway itself will never be handled by SecureXL, and will always go F2F/slowpath.

--

CheckMates Break Out Sessions Speaker

CPX 2019 Las Vegas & Vienna - Tuesday@13:30

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
4 Replies

Re: NAT process for self-originated traffic

Jump to solution

Only the source IP address of traffic originated from the gateway itself may be NATted, since that traffic will only pass through inspection points oO where source NAT operations occur.  Destination NAT occurs between iI which will never see or handle gateway-originated traffic.  Traffic originated from the gateway and traffic whose destination IP address is an interface of the gateway itself will never be handled by SecureXL, and will always go F2F/slowpath.

--

CheckMates Break Out Sessions Speaker

CPX 2019 Las Vegas & Vienna - Tuesday@13:30

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
Admin
Admin

Re: NAT process for self-originated traffic

Jump to solution

While that makes sense, I don't think I knew that.

0 Kudos
Maarten_Sjouw
Platinum

Re: NAT process for self-originated traffic

Jump to solution

Although practice learns this does not work on Embedded GAIA.

Regards, Maarten
0 Kudos
Highlighted

Re: NAT process for self-originated traffic

Jump to solution

That is exactly what I was looking for! Thanks!

0 Kudos