This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Masquerading or SNAT?

This is my External interface settings:

Name: External
Type: DSL (PPPOE)
VDSL:
Static PPPoE IP: 197.***.***.202/32
IPv4 Default GW:

Which is best in terms of performance:

- Creating a Masquerading rule:
Network: Internal (Network)
Interface: External

OR

- Creating an SNAT rule:
For traffic from: Internal (Network)
Using service: Any
Going to: Any
Change the source to: External (Address)
And the service to:

?

This thread was automatically locked due to age.

0 scorpionking over 9 years ago
Either is possible however common practice is to use masquerading.
----------
Sophos user, admin and reseller.
Private Setup:

XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)

UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Cancel
Vote Up 0 Vote Down

Cancel
0 virtualrack over 9 years ago

Masquerading is better in terms of performance as it won't have to inspect each packet for a given service etc. As the previous poster stated, masquerading is the common practice,
Cancel
Vote Up 0 Vote Down

Cancel