Destination NAT Example—One-to-Many Mapping
In this example, one IP address maps to two different internal hosts. The firewall uses the application to identify the internal host to which the firewall forwards the traffic.
All HTTP traffic is sent to host 10.1.1.100 and SSH traffic is sent to server 10.1.1.101. The following address objects are required:
- Address object for the one pre-translated IP address of the server
- Address object for the real IP address of the SSH server
- Address object for the real IP address of the web server
The corresponding address objects are created:
- Servers-public: 192.0.2.100
- SSH-server: 10.1.1.101
- webserver-private: 10.1.1.100
The NAT rules would look like this:
The security rules would look like this:
NAT Configuration Examples
NAT Configuration Examples Destination NAT Example—One-to-One Mapping Destination NAT with Port Translation Example Destination NAT Example—One-to-Many Mapping Source and Destination NAT Example Virtual Wire Source ...
Destination NAT Example—One-to-One Mapping
Destination NAT Example—One-to-One Mapping The most common mistakes when configuring NAT and security rules are the references to the zones and address objects. The addresses ...
Destination NAT with Port Translation Example
Destination NAT with Port Translation Example In this example, the web server is configured to listen for HTTP traffic on port 8080. The clients access ...
Destination NAT Destination NAT is performed on incoming packets when the firewall translates a destination address to a different destination address; for example, it translates ...
Configure Destination NAT Using Dynamic IP Addresses
Configure Destination NAT Using Dynamic IP Addresses You can use Destination NAT to translate the original destination address to a destination host or server that ...
Virtual Wire Source NAT Example
Virtual Wire Source NAT Example Virtual wire deployment of a Palo Alto Networks firewall includes the benefit of providing security transparently to the end devices. ...
Source and Destination NAT Example
Source and Destination NAT Example In this example, NAT rules translate both the source and destination IP address of packets between the clients and the ...
NAT This section describes Network Address Translation (NAT) and how to configure the firewall for NAT. NAT allows you to translate private, non-routable IPv4 addresses ...
Policies > NAT
Policies > NAT If you define Layer 3 interfaces on the firewall, you can configure a Network Address Translation (NAT) policy to specify whether source ...