I have set up a NAT to expose a web server, but it needs to be exposed to another LAN port rather than the internet. Each LAN port has its own network etc., and the NAT and Policy all seem to be configured OK. When I test, I can see the traffic in the security log, and it is accepted and has the correct translations etc., but no traffic ever hits the web server. I tried using the tcpdump tools with various filters, but it never captures any packets for the destination.
I tried to use the add server wizard, but when I select to force all traffic back to this gateway, it uses the external WAN IP as the translated source and not the LAN address, hence I had to set up the NAT manually.
Is this configuration supported?
Summary:
Destination IP is NAT'd from 10.80.16.8 to 10.101.52.75
Source IP is NAT'd from any on 10.215.0.0 to FW IP on web server network 10.101.52.254
Static route on firewall to send traffic to 10.215.0.0 out via 10.80.16.1