Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
stallwoodj
Collaborator
Jump to solution

Hide NAT using "Interface" object

Hi,

 

I have a customer with a 1590 - locally managed version R80.20.40.

Their main internet circuit is Ethernet with fixed IP. Dedicated VoIP circuit is PPPoE with dynamic IP.

Automatic Hide NAT for outgoing traffic is OFF as it was interfering with their SIP traffic.

We have source-based static route via PPPoE interface for their VoIP, but in order to NAT it we have to modify the src_adtr object every time the circuit goes down and up again. There appears to be no "This firewall" or even better "This Internet Interface" to create a manual Hide NAT rule with.

Is there a way to do the hide NAT better?

 

Thanks

Jamie

 

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

Possible way to achieve this is with a host object for the IP address of 0.0.0.0.

View solution in original post

9 Replies
_Val_
Admin
Admin

@AntoinetteHodes can you advise?

0 Kudos
AntoinetteHodes
Employee
Employee

Hello @stallwoodj, I am not sure if this is possible due to the dynamic IP setup you mention. Static is preferred. The best and quickest way forward would be opening a TAC case as this might be the only workaround.

stallwoodj
Collaborator

Thanks, I'll raise an RFE for a "This Gateway" source as Hide NAT.

0 Kudos
PhoneBoy
Admin
Admin

With a centrally managed 1590, you could use the "LocalMachine" dynamic object with NAT and it should work fine.
Unfortunately, those dynamic objects are not exposed in local management, thus an RFE would be required. 

0 Kudos
PhoneBoy
Admin
Admin

Possible way to achieve this is with a host object for the IP address of 0.0.0.0.

stallwoodj
Collaborator

Thanks PhoneBoy, I tested this in the lab and it worked straight away!

0 Kudos
PhoneBoy
Admin
Admin

Whether this is supported or not is a separate question of course, but glad to hear it worked for you!

0 Kudos
Chris_Atkinson
Employee Employee
Employee

sk40637 brings back some related memories  😜

CCSM R77/R80/ELITE
0 Kudos
PhoneBoy
Admin
Admin

Considering that SK originated from Nokia, and I know the guy who wrote the article...yeah, I feel you. 🙂

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events