Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Why does setting up a Many-to-Many Nat require a license?

Hello all.

I just got a TZ470. I have a block of 16 IPs. To NAT them the documentation says to go to Object -> Match Object. When I do it says "Upgrade Required.... Contact SonicWall, Inc. for details on upgrading."

Isn't basic NAT'ing part of the TZ470?

Category: Entry Level Firewalls
Reply
Tagged:

Best Answer

  • CORRECT ANSWER
    NatNat Newbie
    Answer ✓

    @Zyxian

    NAT does not require any license.

    NAT is talking about "ADDRESS OBJECT"

    You are mentioning "MATCH OBJECT", thats totally different.

Answers

  • BWCBWC Cybersecurity Overlord ✭✭✭

    @Zyxian Match Objects are used for App Rules, which are part of the Application Control license.

    But I can't see the relation between NAT and App Rule at this point. NAT is handled with Network Objects, not Match Objects.

    Maybe you might explain your demand in more detail and we can put you in the right direction.

    --Michael@BWC

  • ZyxianZyxian Newbie ✭

    Michael@BWC

    According to this documentation, SonicOSX 7 Rules and Policies - Creating a Many-to-Many NAT Policy - SonicWall that is what is supposed to be done. Are you saying the documentation is wrong?

    I don't see anywhere in my questions where it could be taken as a demand. Sorry you saw it that way.

    This is moot anyways. After I posted this, I started to open a ticket to sales but the chat option came up. I chatted with two different people and neither said it could be done differently as you implied. Instead they pushed buying a license to be able to do Many-to-Many NAT. Since the lowest priced license was almost the same as I paid for the TZ 470, I returned it.

    I bought the TZ 470 to replace an older firewall from a different company. I was able to do a Many-to-Many NAT without buying anything extra. I guess I made a bad assumption that NAT'ing was a basic function of all firewalls. As I search other companies for a replacement I will enquire about basic NAT.

    I did come back here and tried to delete and/or close this but I had no option to.

    Zyxian

  • BWCBWC Cybersecurity Overlord ✭✭✭

    @Zyxian I guess we got a bit confused about the term "Match Objects", which is the section header in the Gen7 Navigation, nevertheless, it's handled through Address Objects (which @Nat verified, and who should have better knowledge on that topic 🤣).

    There is a Match Objects -> Match Objects in the UI, which would require a license. So a typical Usability glitch.

    Long story short, no license needed.

    --Michael@BWC

  • ZyxianZyxian Newbie ✭

    @Nat - I wasn't mentioning Match Object. The documentation was mentioning it. I was only repeating what I saw in the documentation. Please see: SonicOSX 7 Rules and Policies - Creating a Many-to-Many NAT Policy - SonicWall

    Thank you for letting me know that Many-to-Many NAT doesn't need a license/use Match Object unlike what the documentation says.

    I am a retired Geek who has a Windows Server 2019 Datacenter in my den (my "keep-myself-busy" hobby) to host my different websites. I'm finding Sonicwall is better suited for businesses. My current older firewall from another company, I was able to buy just Geo-IP filtering for a reasonable price. In order to be able to do that at Sonicwall I would have to buy a whole package which for me is not a reasonable price.

    Thank you both for your time and effort.

Sign In or Register to comment.