AXISHK
asked on
Route Policy
What's the meaning of this rule ?
What's the difference between NAT Policies (under Network) and Access rules (under Firewall) ?
For the rule defined in NAT polices (Inbound & outbound interface), does it mean a rule will be written in Access rule to allow the flow between different zone (eg. Inbound (LAN) and Outbound (WAN) ? Do I need to manually define it under Access rule ?
Tks
Route-Policy.png
What's the difference between NAT Policies (under Network) and Access rules (under Firewall) ?
For the rule defined in NAT polices (Inbound & outbound interface), does it mean a rule will be written in Access rule to allow the flow between different zone (eg. Inbound (LAN) and Outbound (WAN) ? Do I need to manually define it under Access rule ?
Tks
Route-Policy.png
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
So, Access Rule will be proceeded before NAT Policy and I need to add entries in Access Rule first , correct ?
A NAT rule in NAT policy need a corresponding entry in Access Rule to allow traffic flow between two zones involved in NAT, correct ?
For the attached file,
For HK network (Source) connect to x.x.x.x (public IP - a internal FTP server) , Sonicwall will replace the source header to x.x.x.x (public IP of ftp server) while the destination public IP will be replaced to internal IP of the FTP. Why the NAT appear so strange ?
Tks
A NAT rule in NAT policy need a corresponding entry in Access Rule to allow traffic flow between two zones involved in NAT, correct ?
For the attached file,
For HK network (Source) connect to x.x.x.x (public IP - a internal FTP server) , Sonicwall will replace the source header to x.x.x.x (public IP of ftp server) while the destination public IP will be replaced to internal IP of the FTP. Why the NAT appear so strange ?
Tks
Correct. Create the access rules that will be referenced in the NAT policy.
ASKER
Thanks, any idea for the rule defined in the attached file.
"For HK network (Source) connect to x.x.x.x (public IP - a internal FTP server) , Sonicwall will replace the source header to x.x.x.x (public IP of ftp server) while the destination public IP will be replaced to internal IP of the FTP. "
Tks
"For HK network (Source) connect to x.x.x.x (public IP - a internal FTP server) , Sonicwall will replace the source header to x.x.x.x (public IP of ftp server) while the destination public IP will be replaced to internal IP of the FTP. "
Tks
It is really difficult to answer your questions with x.x.x.x substituted for everything.
ASKER
Please refer to the attached file.
Column "Translated" & "Destination Original" are referring to the same IP address.
Tks
NATPolicy.png
Column "Translated" & "Destination Original" are referring to the same IP address.
Tks
NATPolicy.png
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
A NAT policy is a router function that allows you to map one IP address to another (inside = outside):
For example - 192.168.1.5 (inside) could be mapped to 216.93.183.57 (outside)
Access rules are a firewall function that permits traffic to bass between zones:
For example - You could permit traffic on TCP 80 (HTTP) from the outside to 216.93.183.57, which would translate to 192.168.1.5.