Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4739
Views
0
Helpful
4
Replies

How to secure Static NAT translation

iantra123
Level 3
Level 3

‎02-15-2019 12:19 AM - edited ‎03-05-2019 11:16 AM

Hi all,

Is it possible to secure inbound and outbound of a static nat?

The case is following :

There is an public address A, then a public address B, then a private adress C.

The adress A is the front End to internet, then there is a static nat for B to C.

Thus I want to secure the nat on the B so that not all traffic are permited to or from C.

 

Regards,

Antra

0 Helpful
4 Replies 4

Kasun Bandara
VIP
VIP

‎02-15-2019 12:54 AM

are you using PAT in this case for any specific services? or static NAT which maps all ports to internal IP?
Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful

Georg Pauwen
VIP
VIP

‎02-15-2019 01:05 AM

Hello,

 

--> Thus I want to secure the nat on the B so that not all traffic are permited to or from C.

 

Static NAT takes precedence, so as long as there is a static mapping, all traffic for C will use that entry.

 

What exactly do you mean by 'securing the NAT' ? What traffc do you NOT want to reach C ?

0 Helpful

iantra123
Level 3
Level 3
In response to Georg Pauwen

‎02-15-2019 03:05 AM

Hello,

Static nat 1:1 goes directly to an IP address (a host), so i want to have a way to create an ACL. for this 1:1 nat.

Because the public adress B that is used for the nat is not tied to any interface.

Regards

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame

‎02-15-2019 01:26 AM

 

Use an acl, NAT should not be used to secure traffic. 

 

Jon

0 Helpful
Customers Also Viewed These Support Documents