SNAT from optional interface to internal.
I have set up Optional Interface 1 as 172.16.16.1/24 to use as a web server. I have successfully set up SNAT for some of the required services which are predefined (i.e. MS-SQL-Server) and these seem to work just fine. I need to also set up SNAT for ports 9894 and 9897 and can't seem to get this to work correctly. I've got SNAT set up as follows:
Then a firewall policy setup
172.16.16.11 to my SNAT rule setup above on ports 9894 and 9897 UDP and TCP
I'm likely missing something basic here, but can't figure out what. I can telnet from internal to 192.168.2.4 on port 9894 and receive a response. Telnetting from 172.16.16.11 to 192.168.2.4 does not work. It never connects.
Any help would be appreciated.
Did you add a Custom Packet Filter for TCP & UDP ports 9894 and 9897, and then create a policy from that Custom Packet Filter with your SNAT?
Yes, I believe so. I'm using the web interface. When creating the policy I chose Custom as the type, then chose the SNAT I created from the drop-down.
I fixed it myself. I deleted the SNAT and policy and added both back in. It's now working. Thanks Bruce.