Nat IP External for IP Internal

isaiasants · June 2021

Good afternoon,

Can I create a NAT policy with an external ip port 80 and convert it to an internal range IP?

Saravanan · June 2021

Thank you for visiting SonicWall Community.

Yes, you can. Please refer below web-link for the NAT instructions.

https://www.sonicwall.com/support/knowledge-base/how-can-i-enable-port-forwarding-and-allow-access-to-a-server-through-the-sonicwall/170503477349850/

Hope this helps.

Arkwright · June 2021

How would this work with a range as the translated destination? First one to answer wins? Not work at all?

TKWITS · June 2021

The document is published and old, but does exist.

http://help.sonicwall.com/help/sw/eng/7120/25/9/0/content/Ch35_Network_NAT_Policies.039.24.html

I've never done inbound One to Many NATs, always been One to One with an internal load balancer. The Sonicwall is designed to be a security appliance, not a load balancer.

Saravanan · June 2021

Hi @ARKWRIGHT,

If we have got the translated destination to be a range of IPs on the inbound NAT policy considering the service used is same, only a single connection to a random local IP address (FIFO) is allowed by the firewall. One to Many NAT doesn't work for inbound NAT policies and there comes a need for PAT. PAT is where same public IP address is used for different translated local IPs and there is a translation done at the service or port level with original service differs and translated service remains to the actual port on which the local resources actually listen. We are achieving the One to Many NAT concept by translating the ports along with IP's.

https://www.sonicwall.com/support/knowledge-base/how-can-i-configure-port-address-translation-pat-or-port-redirection/170505515124447/

Hope this answers your question.

Join the Conversation

Nat IP External for IP Internal

Answers