Sophos XG: How to config Source NAT Rule

-

Sophos XG: How to config Source NAT rule (may use IP static or dynamic)

April 16, 2019 Vincent Sophos 0


This article demonstrates how to create a Source NAT firewall rule so that outbound traffic from the local will use a different static IP address or you can use MASQUERADE to configure SNAT with dynamic IP address. In order to be flexible, businesses don’t need to buy static IP
How to configure
  • Login to Sophos XG Firewall by Admin account

  • Create a LAN layer where you want NAT
  • Network -> Interfaces -> Click Add Interface

  • Choose Add Alias

  • Fill in the information
  • You can NAT 1-1 by select only one LAN IP address or multiple LAN IP addresses by selecting the network layer
-> Click Save

  • Select Host and Services -> IP Host -> Click Add to create a WAN IP address that you want to user to put NAT in Firewall Rule -> Click Save

  • Firewall -> Click Add Firewall Rule -> Select Business application rule

  • Choose DNAT/Full NAT/Load Balancing in Application template

  • In Source zones: Choose LAN
  • In Allowed client networks: Choose Network or IP that you was created before
  • In Destination host/network: Choose IP WAN that you was create before
-> Click Save to save configuration Source NAT

  • If your IP WAN is not a static IP address, it is a dynamic IP address
  • In Advanced -> Choose Rewrite source address (Masquerading)
  • Choose device’s port WAN
-> Click Save

 

Comments

Post a Comment

Popular posts from this blog

How Secure Restore Works

-
Image
Veeam Backup & Replication uses the mount server as a staging server for scanning machine data with antivirus software. By default, the mount server role is assigned to one of the following machines: the Veeam backup server or a repository that stores machine backups. However, you can assign the mount server role to any 64-bit Microsoft Windows machine in your backup infrastructure. For example, you may want to run the malware scan process on a different server for security reasons. For details on mount server deployment and requirements, see Mount Server . To run the malware scan, Veeam Backup & Replication performs the following actions: On the mount server, Veeam Backup & Replication runs Veeam Mount Service to check the antivirus configuration file and antivirus software: Veeam Mount Service verifies if the AntivirusInfos.xml configuration file is located in the %ProgramFiles%\Common Files\Veeam\Backup and...
Read more

Windows Search Does Not Open

-
Image
    Hi, topic's today  "Windows search does not open" .     This problem is the last update issue     follow the steps below for the solution ;         Open the command prompt as a admisitrator and run the following commands     reg add “HKCU\Software\Microsoft\Windows\CurrentVersion\Search” /v BingSearchEnabled /t        REG_DWORD /d 0 /f     reg add “HKCU\Software\Microsoft\Windows\CurrentVersion\Search” /v CortanaConsent /t              REG_DWORD /d 0 /f     tskill searchui     
Read more