NAT switch in IPV4 policy

felix34 · ‎12-08-2021

Hello,

I don't understand when to set or unset the NAT button.

I have two servers on my LAN that are reachable on the same WAN with port mapping from WAN adress IP: port_to_translate to LAN IP: port_translated.

On the first server I have a SSH server without the NAT button set on the Policy and it works.

I can access the server from WAN.

On the second server I have a web server ( node.js) but I have to have the NAT switch set on.

If the switch is off , I can't access the server web.

In which case in port translate I need to turn the switch on or off in the policy?

Thank you.

Félix 34

Toshi_Esumi · ‎12-08-2021

That means the second server's default route is not coming through the FGT's interface. VIP=DNAT. So regularly don't need NAT(SNAT) enabled, which by default SNATs the source IP to the interface IP, as long as the returning packets from the destination come back to the same interface at the FGT.

View solution in original post

Toshi_Esumi · ‎12-08-2021

That means the second server's default route is not coming through the FGT's interface. VIP=DNAT. So regularly don't need NAT(SNAT) enabled, which by default SNATs the source IP to the interface IP, as long as the returning packets from the destination come back to the same interface at the FGT.

felix34 · ‎12-08-2021

Thanks Toshi.

NAT switch in IPV4 policy

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website