We are trying to configure Destination NAT rule for a VC device on Palo Alto 820 NGFW. we need to allow range of TCP ports(Ex:3000-3050) but we could not find the option to configure the port range under the translated tab. find the below requirement for your reference.
Original Packet: Src.IP:Any, Dst.IP:126.96.36.199, DstPortrange: 3000-3050
Translated Packet: Src.IP:original, Dst.IP:192.168.10.1 DstPort Range: 3000-3050
Please let me know if anybody has gone through this scenario with the solution
Unless you are you trying to change the port as part of the translation, you can define the port range as a services object, and then refer to it on the "Original Packet" page of the NAT rule, where you would identify the destination zone and interface. Then your NAT rule will only apply to traffic going to that destination NAT address when it is bound for those ports.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!