
Redirecting Incoming external traffic to another external service

Hello,

I have a challenge. We moved one webservice to a colocation. There are external devices depending on the external IP of our Firebox. Now I need a rule to send all external incoming traffic to the IP of the colocation. I tried using a static NAT to the external IP.
All incoming packets are NATed to the external IP but do not leave the Firebox.
Is there another way to relay the traffic to the external IP of the colocation?

Comments

  • james.carson Moderator, WatchGuard Representative

    Hi @TheFaxe

    Using a Static NAT should do the trick -- I'd suggest turning on logging for that rule to see if you're logging anything. You'll see it in the properties tab in the rule in Policy Manager, or near the bottom of the edit policy window in WebUI as "logging -> send log message."

    If it's more than just a basic connection (something like this is most often used for SMTP) the traffic effectively going asymmetric might be the issue (since the cloud server will most likely reply back directly to the client instead of back through the firewall and the NAT'ed connection).

    If it's at all possible, and if the service used a FQDN, I'd suggest changing your DNS record to point directly at the service's new home.

    -James Carson
    WatchGuard Customer Support
