Question on Destination NAT and Firewall Rule

Hi,

We are testing V18 in my lab and I am confused about the firewall rule and Destination NAT policy. My configuration is like this:

In the firewall rule, why do I need Destination HOST set to "ANY"? If I choose a host IP in Destination Host as my SSH server, then this rule does not work. Is it a bug, or is there some specific reason for requiring "ANY" in the Destination HOST field?

  • The question is, how do other points deal with such a process?

    I am always pointing out that this is kinda complicated to deal with if you are starting to "split" a firewall rule set, like V17.5 to V18.

    Personally speaking, the automatic firewall rule option should resolve this issue right away, but I would not use it at all. I am not a fan of any product which creates something on its own and puts this rule anywhere in its firewall rule set. Anyway, I am simply pointing out the current status, which I am fine with, but I understand that a missing automatic firewall rule option could be an issue for several customers.

     
