- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
02-10-2017 07:11 PM
Hello Live Community,
I am a new comer to the firewall game and I am wondering how would I go about setting up static 1-to-1 destination NAT policy on my PA-500 Firewall. I just recently set up the firewall using the documentation below and everything seems to be running great but my Xbox One device Nat is set to strict. I was wondering if someone could help me understand or show me a good example on how I could change that to open? I have read some great articles but still not fully understanding. Any help would be greatly appreciated!
Initial Firewall Setup:
Articles read on NAT:
https://live.paloaltonetworks.com/t5/Tech-Note-Articles/Understanding-PAN-OS-NAT/ta-p/60965
Thank you!
Luke
02-11-2017 02:24 AM - edited 02-11-2017 02:24 AM
Hi Luke,
Below the answer:
https://live.paloaltonetworks.com/t5/General-Topics/Natting-issue-with-new-subnet/m-p/141806#U141806
02-11-2017 07:42 AM
TranceforLife,
Thank you for the information I think I am slowly getting it. Just a few questions.
In the link that you sent me I see that in the diagram in Pre-Nat they have the "destination address" set up as 195.51.100.22 however I do not see that IP address in the overall diagram so I assume that address is where he wants to connect to correct?
If so I assume I need to find out what Xbox Lives IP address is and enter that in there?
Thank you for all your help
Luke
02-12-2017 03:16 AM - edited 02-12-2017 03:25 AM
Hi,
So you can create a static NAT entry to forward all external traffic destined to a particular public IP to the private IP of the console. So you need to know your external IP for this to work. However, l do recommend to use DDNS for this to work better in case your external IP changed. So in the policy, you simply can put DNS name as a destination same as for nat config. More about DDNS.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!