After migrating from v17.5 MR8 to v18 EAP1,
for each firewall rule, a new NAT is created. Since I like to have clean situation clean on XG, now I need to unlink all NAT rules from every single firewall rule and attack (in most cases) the same NAT rule (MASQ where the source ip is the primary WAN ip address and service is different).
If I have a different service from each firewall rule, I can use a single NAT where original service is any. I guess that the service port in firewall rule takes precedence, so does not make sense during the migration to have a lot of NAT rules.
Is that something in Sophos you are considering?
Thanks