08-25-2013 08:44 PM
Folks.
I'm apparently having a particularly stupid day, because I can;t make something as simple as one-to-one NAT work.
Scenario is this.
I have an IP in my DMZ. I have assigned this IP to a particular server which is hosted on my INSIDE (secure) network.
All I want to do is take this IP address and NAT it to the inside address. Something like this
IP addresses have been changed to protect the stupid (me!).
So - request comes in from the web to 1.2.3.91, and I want to redirect it to 10.100.1.120 - only needs web browsing and PING.
but I can not, for the life of me, get it right.
I've got the following NAT rule
Original packet
Source Zone - Outside
Destination Zone - DMZ
Source Address - Any
Destination Address - 1.2.3.91
Translated Packet
Source Translation : None
Destination translation : 10.100.1.120
The security policy is as follows
Source : Outside
Source Address : Any
Destination : Inside
Destination Address : 10.100.1.120
I'm happy for anyone to point out where I'm being stupid and laugh at me - I know it's something obvious, but I'm banging my head trying to sort out what.
thanks
08-25-2013 09:08 PM
Hello Sir,
Please go through the below mentioned documents.
Understanding PAN-OS NAT >>>>>>> Page No 15
Thanks
08-25-2013 09:26 PM
HULK wrote:
Hello Sir,
Please go through the below mentioned documents.
Understanding PAN-OS NAT >>>>>>> Page No 15
Thanks
Did that before I asked the dumb question. As far as I can tell, what I have now configured matches - and the damn thing still isn't working.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!