Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How do I create a 1-to-1 NAT wan>LAN?

I can't, for the life of me, figure out something that is ultra simple on every other dang firewall/UTM I have worked with. 


There is not a place that I can find to create a 1-to-1 NAT. The purpose is video conferencing connections between our various offices. 

I have created the IP Hosts (which are called address objects by everyone else, i dislike these unique names for things that are semi-standard) for both the public and private IP addresses.  but now i can't find how to actually create the NAT.

on the Objects > Policies page I see Network Address Translation.  but when creating a new policy there, the only settings a name and choosing an IP address.  WTF?  which address is it asking for, public or private?  and how do I link that address to the opposite address?



This thread was automatically locked due to age.
Parents
  • Create a new business rule.

    Give it a name and description.

    For host, you can add a specific host, or leave it as ANY if the source is likely to change or be from multiple places.

    Hosted server, set the source zone as WAN, hosted address as your WAN port.

    Protected application servers, you need to set the protected zone to LAN. Create an object for the Protected Application Server (i.e. your VC unit)

    Port forwarding, set your incoming port that you want forwarded, and what port you want it translated to if different.

    The rest of the settings are not really essential - you can set them as you see fit.

    Hope that helps!
Reply
  • Create a new business rule.

    Give it a name and description.

    For host, you can add a specific host, or leave it as ANY if the source is likely to change or be from multiple places.

    Hosted server, set the source zone as WAN, hosted address as your WAN port.

    Protected application servers, you need to set the protected zone to LAN. Create an object for the Protected Application Server (i.e. your VC unit)

    Port forwarding, set your incoming port that you want forwarded, and what port you want it translated to if different.

    The rest of the settings are not really essential - you can set them as you see fit.

    Hope that helps!
Children