Hi,
How can i redirect all the traffic coming from the internet to an Internal Reverse Proxy Server (Nginx) without having to use the Sophos WAF
This thread was automatically locked due to age.
Hi,
How can i redirect all the traffic coming from the internet to an Internal Reverse Proxy Server (Nginx) without having to use the Sophos WAF
Hi BachirBelkhiri,
Thank you for reaching out to the Community!
You can configure the DNAT rule to forward traffic from the internet to the internal server.
Destination Network Address Translation (DNAT) and Source Network Address Translation (SNAT) are both special cases of NAT. With SNAT, the IP address of the computer which initiated the connection is rewritten, while with its counterpart DNAT, the destination addresses of data packets are rewritten. DNAT is especially useful when your internal network uses private IP addresses, but you want to make some services available to the outside.
This is best demonstrated with an example. Suppose your internal network uses the address space 192.168.0.0/255.255.255.0 and a webserver running at IP address 192.168.0.20 port 80 should be available to Internet-based clients. Because the 192.168. address space is private, the Internet-based clients cannot send packets directly to the webserver. It is, however, possible for them to communicate with the external (public) address of Sophos UTM. DNAT can, in this case, take packets addressed to port 80 of the system’s address and forward them to the internal webserver.
Sample DNAT rule screenshot:
Thanks,