Solved: Re: Static NAT. Simple question.

Andrey_Korobko · ‎2017-11-20

There is a firewall 5400. On the firewall three interfaces:

1. LAN - 10.1.1.1

2. DMZ - 172.16.0.1

3. EXTERNAL- 85.1.1.100

It is necessary to publish the web server (on the local network) outside so that:

1. WEB server (LAN)<->DMZ - without NAT

2. External <-> WEB server (LAN) - via a specific ip address (85.1.1.105)

3. WEB server (LAN) <->External - via a specific ip address (85.1.1.105)

How to write a static NAT rule I understand, but how to make sure that traffic is not between Web server and DMZ?

Gaurav_Pandya · ‎2017-11-20

Hi Andrey,

There should be subnets defined in LAN as well as in DMZ. so you can make groups of LAN subnet and DMZ subnet. After that you can put Manual NAT rule from LAN to DMZ and vice versa with No NAT. For remaining traffic you can use static NAT.

Hope I answered your question.

View solution in original post

Gaurav_Pandya · ‎2017-11-20

Hi Andrey,

There should be subnets defined in LAN as well as in DMZ. so you can make groups of LAN subnet and DMZ subnet. After that you can put Manual NAT rule from LAN to DMZ and vice versa with No NAT. For remaining traffic you can use static NAT.

Hope I answered your question.

Andrey_Korobko · ‎2017-11-20

How to make a rule without NAT, can show or example lead? Thank you.

Gaurav_Pandya · ‎2017-11-20

Hi,

You can keep packet as "original" in translated packet field.

Gaurav_Pandya · ‎2017-11-20

Static NAT. Simple question.

Duplicate CMA's after upgrade to R81.10

Bulk Import / Management of Server Certificates

When an disassociation is sent for a Datacenter ob...

Central Deployment Tool (CDT) v1.9.4 - - <send_ema...

Schedule backup restoring using FQDN