Advanced NAT allows you to identify real addresses and real ports for address translation by specifying the source and destination addresses.
Note Up to 32 advanced NAT rules can be configured on the security appliance. You must create firewall rules to allow access so that advanced NAT rules can function properly.
1. Click Firewall > NAT > Advanced NAT.
2. To enable an advanced NAT rule, check the box in the Enable column.
3. To add a new advanced NAT rule, click Add.
Other options: To edit an entry, click the Edit (pencil) icon. To delete an entry, click the Delete (x) icon. To delete multiple entries, check them and click Delete.
The Advanced NAT Rule - Add/Edit window opens.
4. Enter the following information:
• Name: Enter the name for the advanced NAT rule.
• Enable: Click On to enable the advanced NAT rule, or click Off to create only the advanced NAT rule.
• From: Choose Any or choose an interface (a WAN port or a VLAN) that traffic originates from.
• To: Choose Any or choose an interface (a VLAN or a WAN port) that traffic goes to.
NOTE: When the original destination address is different with the translated destination address, you must choose Any for this option. When the original destination address is same with the translated destination address, you can choose a specific VLAN or WAN port for this option.
• Original Source Address: Choose the original source address for the packet.
• Original Destination Address: Choose the original destination address for the packet.
• Original Services: Choose the original TCP or UDP service.
• Translated Source Address: Choose the translated source address for the packet.
• Translated Destination Address: Choose the translated destination address for the packet.
• Translated Services: Choose the translated TCP or UDP service.
If the address that you want is not in the list, choose Create a new address to create a new IP address object. To maintain the IP address objects, go to the Networking > Address Management page. See Address Management, page 155.
If the service that you want is not in the list, choose Create a new service to create a new service object. To maintain the service objects, go to the Networking > Service Management page. See Service Management, page 157.
5. Click OK to save your settings.
6. Click Save to apply your settings.
7. Firewall rules must be configured to allow access so that advanced NAT rules can function properly. After you save your settings, go to the Firewall > Access Control > ACL Rules page to do this. See Configuring a Firewall Rule.