Solved: R80.10 - SRC NAT and DST NAT

DFW · ‎2020-06-17

Hello everyone,

We are running 12400 with R80.10 and we have specific scenario that we would like to achieve, and so far we are unable to get this done using CP gateways, while possible with other vendors. We want just to have soure and destination NAT at the same time (full NAT).

This is the network flow we are trying to get working:

SRC: Device on the Internet = 80.1.1.1 > DST:internal server public IP (40.40.40.40)

>>>> Firewall SRC NAT 80.1.1.1 TO 10.0.0.10 and DST NAT 40.40.40.40 TO 10.1.1.5

Then normal routing takes place inside our network. So basicially we want the SRC and DST to become internal IP addresses.

Today DST NAT works with no issue, but we want all internal communication to happen on prviate networks and no external network go inside our network.

Thanks,

Nazar

PhoneBoy · ‎2020-06-18

Use the object All_Internet instead of Any.

View solution in original post

PhoneBoy · ‎2020-06-17

What precise steps did you try to achieve this configuration?
You can definitely do this with manual NAT rules.

DFW · ‎2020-06-18

@PhoneBoyWe try to set the source as Any and the translated source to a private IP but we getting an error that it should be only Any to Original

Wolfgang · ‎2020-06-18

@DFW

should be possible. Create a manual NAT rule like this:

Wolfgang

DFW · ‎2020-06-18

@Wolfgang

Thanks for the response but our target is to set the Source to "Any"

PhoneBoy · ‎2020-06-18

Use the object All_Internet instead of Any.

DFW · ‎2020-06-18

@PhoneBoy

Thanks a lot, replacing Any with the All-internet object solved the issue!!!

Are you a member of CheckMates?

R80.10 - SRC NAT and DST NAT