Disable NAT for a Specific Host or Interface

Both source NAT and destination NAT rules can be configured to disable address translation. You may have exceptions where you do not want NAT to occur for a certain host in a subnet or for traffic exiting a specific interface. The following procedure shows how to disable source NAT for a host.
  1. Create the NAT policy.
    1. Select
      Policies
      NAT
      and click
      Add
      a descriptive
      Name
      for the policy.
    2. On the
      Original Packet
      tab, select the zone you created for your internal network in the
      Source Zone
      section (click
      Add
      and then select the zone) and the zone you created for the external network from the
      Destination Zone
      drop-down.
    3. For
      Source Address
      , click
      Add
      and enter the host address. Click
      OK
      .
    4. On the
      Translated Packet
      tab, select
      None
      from the
      Translation Type
      drop-down in the Source Address Translation section of the screen.
    5. Click
      OK
      .
  2. Commit your changes.
    Click
    Commit
    .
    NAT rules are processed in order from the top to the bottom, so place the NAT exemption policy before other NAT policies to ensure it is processed before an address translation occurs for the sources you want to exempt.

Related Documentation