Configure Private Traffic Range
Cloud NGFW for AWS


Specify the private traffic range for each Cloud NGFW for AWS endpoint.
Where Can I Use This?
  • Cloud NGFW for AWS
What Do I Need?
  • Cloud NGFW subscription
  • Palo Alto Networks Customer Support Account (CSP)
  • AWS Marketplace account
  • User role (either tenant or administrator)
Cloud NGFW allows you to specify the Private Traffic Range for each endpoint. By default, the private traffic range prefixes include the VPC-allowed IP address ranges as specified in IANA RFC 1918. However, your hybrid cloud network could additionally include the shared address space per IANA RFC 6598 or a certain set of publicly routable CIDR blocks in the private traffic range prefixes.
To configure private traffic ranges:
  1. Log in to the Cloud NGFW console.
  2. Click NGFWs.
  3. In the Endpoint Management section, select the subnet from the drop-down menu.
  4. Select Manage Traffic and Egress NAT for the appropriate endpoint in the Endpoints table.
  5. In the Manage Traffic and Egress NAT screen, specify the IP address (or addresses) that you want to explicitly include.
  6. Select the check box to Add Additional Prefixes to Private Traffic Range.
  7. Select the Perform Egress NAT check box to ensure that address translation occurs to all public IP address destinations, except those noted in the private traffic range.
  8. Click Save.
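
Before saving, it helps to check which destinations the chosen prefixes exempt from egress NAT. The following is an added example, not Palo Alto Networks code: it models the rule stated above (translate every destination except those in the private traffic range) with Python's ipaddress module. The function names, the sanity checks on additional prefixes, and the sample prefix 198.51.100.0/24 are assumptions made for illustration.

```python
import ipaddress

# Defaults the page names: the RFC 1918 private ranges.
RFC1918 = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
# Optional shared address space (RFC 6598) the page mentions for hybrid networks.
RFC6598 = "100.64.0.0/10"


def build_private_range(additional_prefixes=()):
    """Return the effective private traffic range as collapsed IPv4 networks.

    strict=True rejects prefixes with host bits set (e.g. 198.51.100.7/24),
    a common typo that leaves the intended scope ambiguous.
    These checks are this example's own, not documented console behaviour.
    """
    nets = [ipaddress.ip_network(p) for p in RFC1918]
    for prefix in additional_prefixes:
        net = ipaddress.ip_network(prefix, strict=True)
        if net.version != 4:
            raise ValueError(f"{prefix}: this model only handles IPv4")
        if net.prefixlen == 0:
            raise ValueError(f"{prefix}: would mark every destination as private")
        nets.append(net)
    return list(ipaddress.collapse_addresses(nets))


def egress_nat_applies(destination, private_range, perform_egress_nat=True):
    """True if traffic to destination would be translated under the page's rule:
    NAT for all destinations except those in the private traffic range."""
    if not perform_egress_nat:
        return False
    addr = ipaddress.ip_address(destination)
    return not any(addr in net for net in private_range)


if __name__ == "__main__":
    # Constructed sample: a hybrid network using RFC 6598 space plus one
    # publicly routable block that should be treated as private.
    extra = [RFC6598, "198.51.100.0/24"]
    private = build_private_range(extra)
    for dst in ("10.1.2.3", "100.64.9.9", "198.51.100.20", "203.0.113.5"):
        print(dst, "NAT" if egress_nat_applies(dst, private) else "no NAT")
```

With only the default range, 100.64.9.9 is treated as a public destination and translated; adding the RFC 6598 prefix is what exempts it.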