Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Many-to-Many NAT

sfinatesfinate Newbie ✭
edited August 2022 in Mid Range Firewalls

Hello;

I would like to configure a Many-to-Many NAT for use by my internal subnets. I have my own /24 that will not be included in the NAT policy. That /24 is set up as a LAN subnet.

Right now I have a certain pool of these public IP addresses set up as an address object in the WAN zone for the NAT policy.

I am not using the default X0 and X1 as I have a large quantity of bandwidth and use 10Gbit SFPs for connectivity to my router. X24 and X25 are L2 bridged in my configuration.

The DHCP scopes enabled all reflect the X26 virtual interfaces that have been created as gateway IP addresses for those different VLANs.

Currently the configuration is:

ORIGINAL

Source: X26 Subnets (X26 contains all of the virtual gateway interfaces for my internal subnets and VLANs)

Destination: Any

Service: Any

Ingress Interface: Any

Egress Interface: X25

TRANSLATED

Source: Public IP Pool (Address object of the WAN public IP addresses)

Destination: Original

Service: Original

From any of the internal subnets, it still does not reflect the pool of public IP addresses and only reflects the SonicWALL bridged interface IP.

The NAT rule is reflected as being matched, but there is only the single IP that displays when doing an IP lookup from outside.

I've tried setting the Ingress interface to X24 (the LAN side of the L2 bridge) but the NAT rule does not match.

What am I doing wrong?

Category: Mid Range Firewalls
Reply

Comments

  • sfinatesfinate Newbie ✭

    It appears as if I answered my own question. I had to set up individual NAT table entries for each X26:V** Interface with the X25 as the Egress, using the Public IP Pool as the translated source and "any/original" as the rest.

    I thought I could do them all at the same time, but this will get me where I need to go.

Sign In or Register to comment.