AnsweredAssumed Answered

Policy Layers with NATed Objects

Question asked by Eric Boughton on Dec 21, 2018
Latest reply on Dec 21, 2018 by Dameon Welch-Abernathy



I'm looking to simplify our policy and have started to use more inline layers. I was wondering how items with a NAT to them would work when defining the rule. Do I need to define both the NATed network and the DMZ Network as the destination? Or can I just use the DMZ network? I'm thinking I would need to define both. If it helps - the DMZ Items have the NATed address in the object. 



1 rule - Source: Any Destination: one or two DMZ address with NAT Service: 80.

2nd Rule -Source: Any Destination: one DMZ address with NAT Service: TCP port.



Top - Source: Any Destination: DMZ (and NATed Network?) Service: Any

Next - Source: External Destination: Specific DMZ Server Service: 80