Feature Request - Clone NAT Rules

Please add the ability to clone NAT rules, Thanks.

Parents
  • I was going to ask for this feature but then I thought to myself why? Why would you ever want to clone a NAT rule? Most NAT rules are tied and automatically created within a firewall rule. A rule or two that you create as a generic NAT rule will cover most of the other needs.

    Not arguing against the capability as it already exists in UTM, was just wondering in context of XG.

    Regards

  • I like the idea of cloning the NAT. Think about when you need to publish to the same server with the same IP listener but services (outside and inside) are different.

  • Yes for DNAT. For regular NAT, the rules are tied to firewall rules so how would you clone those. Only ones that can be cloned are user created rules and you probably won't have many.

    In any case, more flexibility is always a good thing. I was just wondering about the thought process on why this is needed.

    Regards

    Bill

  • One of the main feature of v18 is that NAT rule have been decoupled from firewall rules.  Or I just do not understand your point.

    People in Sophos world are just TOO accustomed to this "Linked NAT & each firewall rule with its own NAT rule" non sens. 

    But again, most users and business will get 2,3, maybe 5 NAT rules in the end ?  And here I mean bidirectional NAT rules.  Compared to maybe hundreds firewall rules.  I just do not get why one would want to clone NAT rules.  Unless maybe they would have 10 Exchange servers with each of them having their own public IP address ?

    Really, what we need is an auto NAT rule generator.  And NAT templates.

    Paul Jr  

Reply
  • One of the main feature of v18 is that NAT rule have been decoupled from firewall rules.  Or I just do not understand your point.

    People in Sophos world are just TOO accustomed to this "Linked NAT & each firewall rule with its own NAT rule" non sens. 

    But again, most users and business will get 2,3, maybe 5 NAT rules in the end ?  And here I mean bidirectional NAT rules.  Compared to maybe hundreds firewall rules.  I just do not get why one would want to clone NAT rules.  Unless maybe they would have 10 Exchange servers with each of them having their own public IP address ?

    Really, what we need is an auto NAT rule generator.  And NAT templates.

    Paul Jr  

Children