Product Documentation

Configure static NAT

Static NAT allows the user to configure one-to-one NAT, where an inside IP address will match a public IP address. The configuration options are shown below. You must also define the filter policies to allow traffic back in for the static NAT configuration. You can configure static NAT by navigating to Connections > View Site > Firewall > Section > Static NAT Policies.

localized image

Configuration options

  • Priority - the order the policy will be applied within all the defined policies. Lower priority policies are applied before higher priority polices.

  • Direction – the direction, from the perspective of the virtual interface or service, that the translation will operate.

  • Outbound – the destination address for a packet will be translated for packets received on the service. The source address will be translated for packets transmitted on the service.

For example, LAN service to Internet service – for packets outbound, (LAN to Internet) the source IP address is translated. For packets inbound or received (Internet to LAN) the destination IP address are translated.

  • Inbound - the source address for a packet will be translated for packets received on the service. The destination address will be translated for packets transmitted on the service.

For example, Internet service to LAN service – For packets received on the Internet service, the source IP address is translated. For packets transmitted on the Internet service, the destination IP address is translated.

  • Service Type – in reference to a SD-WAN service. For static NAT, these include Local (to the appliance), Intranet, and Internet.

  • Service Name – specific service name that corresponds to the defined Service Type above.

  • Inside Zone – one of the existing inside zones configured on the appliance.

  • Inside IP address – source IP address and mask of the direction selected above.

  • Outside IP address – the outside IP address and mask of packets that are translated to.

Configure static NAT

In this article