Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 41 subscribers
  • Views 701 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Converting iptables to NAT rule

woter324

Hi,

I have been given an iptables command and I would like to create the same rule on my XG. Could anyone confirm if I have "translated" the rule correctly, please?

iptables -t nat -I PREROUTING -s 10.100.20.19 -d www.riscocloud.com -p tcp --dport 33000 -j DNAT --to-destination 192.168.35.30:33000

Original source:

10.100.20.19 (Risco Garage)

Original destination

www.riscocloud.com

Original service

TCP 33000

Translated source (SNAT)

Original

Translated destination (DNAT)

Home Assistant 192.168.35.30/35

Translated service (PAT)

33000

Inbound interface

PortB.23

Outbound interface

PortC

PortB.23 is the VLAN of "Risco Garage"

PortC is my WAN interface. 

Thank you in advance.

W.


License: Home User

Firmware: SFOS 20.0.1 MR-1-Build342



This thread was automatically locked due to age.
  • 0

    Looks ok, didn't work?

    You need a matching firewall-rule too.

    Check log-viewer with free-text-filter set to 33000


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0

    Hi, 

    please check and correct your net mask on your DNAT, /35 is not a valid value, maybe /32.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

Unfiltered HTML