I've never done inbound One to Many NATs, always been One to One with an internal load balancer. The Sonicwall is designed to be a security appliance, not a load balancer.
If we have got the translated destination to be a range of IPs on the inbound NAT policy considering the service used is same, only a single connection to a random local IP address (FIFO) is allowed by the firewall. One to Many NAT doesn't work for inbound NAT policies and there comes a need for PAT. PAT is where same public IP address is used for different translated local IPs and there is a translation done at the service or port level with original service differs and translated service remains to the actual port on which the local resources actually listen. We are achieving the One to Many NAT concept by translating the ports along with IP's.
Answers
Hi @isaiasants,
Thank you for visiting SonicWall Community.
Yes, you can. Please refer below web-link for the NAT instructions.
Hope this helps.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
How would this work with a range as the translated destination? First one to answer wins? Not work at all?
The document is published and old, but does exist.
I've never done inbound One to Many NATs, always been One to One with an internal load balancer. The Sonicwall is designed to be a security appliance, not a load balancer.
Hi @ARKWRIGHT,
If we have got the translated destination to be a range of IPs on the inbound NAT policy considering the service used is same, only a single connection to a random local IP address (FIFO) is allowed by the firewall. One to Many NAT doesn't work for inbound NAT policies and there comes a need for PAT. PAT is where same public IP address is used for different translated local IPs and there is a translation done at the service or port level with original service differs and translated service remains to the actual port on which the local resources actually listen. We are achieving the One to Many NAT concept by translating the ports along with IP's.
Hope this answers your question.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services