This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

NAT Rule not working

NAT rule is not working. Tried both ways (DNAT / Firewall+NAT Rule). My WAN interface named BSNL and LAN interface is on Port #8..

This thread was automatically locked due to age.

Top Replies

Raphael Alganes over 1 year ago +1 suggested

Hello, Thanks for reaching out to Sophos Community. Are you doing the test from external or internal network? If internal you need to add a loopback rule: https://doc.sophos.com/nsg/sophos-firewall…

0 Raphael Alganes over 1 year ago

Hello,

Thanks for reaching out to Sophos Community.

Are you doing the test from external or internal network? If internal you need to add a loopback rule: https://doc.sophos.com/nsg/sophos-firewall/19.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/RulesAndPolicies/NATRules/RulesPoliciesCreateDNATAndFirewallRulesForInternalServers/index.html#specify-firewall-rule-settings-for-the-dnat-rule

If from external, what does the Firewall logs show when you are trying to access?

Regards,

Raphael Alganes
Community Support Engineer | Sophos Technical Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up +1 Vote Down

Cancel
0 Sarabjit Singh over 1 year ago in reply to Raphael Alganes

Hi,

tested from external network.. Need help to find logs...
Cancel
Vote Up 0 Vote Down

Cancel
0 dirkkotte over 1 year ago in reply to Sarabjit Singh

logging: enable logging within the rule and use logviewer ...

But ... to create the rule, use the DNA/Server-publishing-wizzard ... works ever...

Dirk

Systema Gesellschaft für angewandte Datentechnik mbH // Sophos Platinum Partner
Sophos Solution Partner since 2003
If a post solves your question, click the 'Verify Answer' link at this post.
Cancel
Vote Up 0 Vote Down

Cancel
0 kerobra over 1 year ago in reply to Sarabjit Singh

What is Port #8? Your LAN interface or your WAN interface?

In the NAT rule you will need your WAN-interface / IP alias on WAN interface as original destination.
In the firewall rule you will need the post-nat destination zone (LAN, correct), but pre-nat IP (WAN-interface / IP alias).

Regards,

Kevin

Sophos CE/CA (XG, UTM, Central Endpoint)
Gold Partner
Cancel
Vote Up 0 Vote Down

Cancel
0 Vaibhav Patil over 1 year ago

Hello Sarabjit Singh,

I have noticed that you have selected option (original) for Translated Source [SNAT] in Translation Settings as you can see in Second Screenshot which you have posted.

Try to select option (MASQ) instead of (original). It will be work.

Regards,

Vaibhav
Cancel
Vote Up 0 Vote Down

Cancel