1600 gateway NAT setting confusion

nflnetwork29 · ‎2023-02-13

hello,

I'm configuring a bunch of 1600's (quantum spark) in a hub and spoke type of topology.

1600's at the branches and 6200 at HQ. (ALL INTERNET TRAFFIC FLOWS VIA HQ)

and i see two NAT settings on the 1600's and i'm not quite sure how they should be set.

1 - under internet connection > advanced settings

2 - under access policy

Do I want these both off?

PhoneBoy · ‎2023-02-13

You can turn both of these off, yes.
These rules are meant for Internet access from the LAN or other networks behind the device.

nflnetwork29 · ‎2023-02-13

that's fine but what happens if they conflict - which one takes priority?

PhoneBoy · ‎2023-02-14

I presume the one under Access Policy applies to all Internet connections versus the one under the specific Internet connection, which just applies to that one.

the_rock · ‎2023-02-14

As @PhoneBoy mentioned, the one under access policy would apply to EVERYTHING internal being natted when going outbound, so its more broad and would take precedence.

G_W_Albrecht · ‎2023-02-14

Currently, both are set to the same: Do NOT hide internal networks = Hide internal Networks OFF

With one ISP, one should change if the other is changed...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Are you a member of CheckMates?

1600 gateway NAT setting confusion