Solved

X500 1 to 1 NAT cannot access internet.

Posted on 2010-09-14
4
533 Views
Last Modified: 2013-11-16
We have 4 static IPs and a watchguard X 500.
 
I setup 1 to 1 Nat , also added the dynamic Nat exclusion.  I also made sure I did not have the public IP as an alias on the box.  However when the box that is setup to be the one to one internal IP, it cant get to the internet, when I remove the 1to1 it gets right out.  

Can anyone help me ?
 
0
Comment
Question by:TechGuy_007
  • 2
4 Comments
 

Author Comment

by:TechGuy_007
ID: 33676624
Anyone?
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 33680172
Which version of WG software are you running. Also, have you configured any specific outbound policy/rule or are you using default outgoing service.

Finally when you removed the IP from alias, did you reboot the firewall.

Please provide details.

Thank you.
0
 
LVL 4

Accepted Solution

by:
LBACIS earned 500 total points
ID: 33691568
Without an external IP address on the 1 to 1 NAT it cannot go through the external interface. You are going to have to use the 1 to 1 nat and also check the default NAT on the policy in order for it to work.
0
 
LVL 4

Expert Comment

by:LBACIS
ID: 33823801
Just a quick follow up as well, if you want to make the 1 to 1 NAT rule follow ALL of the way through rather than just for whatever inbound rule you are using to that endpoint you can add another DNS and HTTP rule with the 1 to 1 NAT. Remember when you put 1 to 1 NAT in a rule and not in the global settings of the policy it will only apply to the one rule...
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question