In enterprise network, what are the usage scenarios for Destination NAT and Source NAT with Bi-directional option enable ?
Very good explanation here:
Doesn't matter enterprise or home network NAT still the same:
Source NAT translates your source IP to a different one
Destination NAT translate your destination IP (one use of for enabling access to your internal servers from Internet)
Bi-directional really same as above, means by ticking the box you will create implicit Destination NAT policy. GUI will only show you that it is bidirectional but CLI will display the same rule as two separate (Source and Destination):
> show running nat-policy
Here's a video where I explain several scenarios : Tutorial: Network Address Translation
There is only one configuration method allowed where the bi-directional option is supported, and that is for source nat (bi-directional cannot be enabled when destination NAT is configured because the bi-directional option needs to be able to set the destination option in the implied reverse policy
if for example the configured rule is like this:
the bi-directional option will create an implied rule that sets destination translation for IP 220.127.116.11 if the original packet is headed toward 10.0.0.1 coming from the remote zone
hope this helps
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!