This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
HristoGrigorov
Mentor
Mentor
‎2018-06-27 08:16 PM

Automatic NAT with two external IPs

Hi,

I want to create automatic NAT to an internal host from two external IPs. However, in Host->NAT page I can set only one external IP. At the moment I have solved this problem by creating manual NAT rule for the second external IP but I wonder if there us more nifty way to solve this and have automatic NAT for both external IPs?

Reply
3 Replies
Charris_Lappas
Collaborator
‎2018-06-27 09:35 PM

You cannot use two Public IPs and NAT them. This will give you problems with return packets as well. 

What you can do, you can setup an Internet Load Balancer with multiple connections and place it in front of your Firewall. This will give you the possibility of having more than one IPs per public service and the replies can be setup to return through the same source IP. Additionally in case you ISP is down you are still going to be available.

Thanks,

Charris

0 Kudos
Reply
HristoGrigorov
Mentor
Mentor
‎2018-06-27 10:00 PM
In response to Charris_Lappas

Hmm, you are actually right. Thanx for the tip mate. Much appreciated.

0 Kudos
Reply
HeikoAnkenbrand
Champion
Champion
‎2018-06-28 12:12 AM

There is only the way over the manual NAT rule.

1) Use an automatic NAT rule for the first external IP.

2) Use an manuell NAT rule for the second IP and set the proxy arp entry for the second IP in the WebGUI.

Alternatively, you can use two manual NAT rules with two proxy arp entries.

Here you can find a flowchart of how nat is implemented:

R80.x Security Gateway Architecture (Logical Packet Flow) 

 

Regards,

Heiko

Reply