i just want to create a "easy" port forwarding rule from external (public ip), port 52516 to a internal server port 52516, but i can´t get it done on a PA-2050. it´s a web-service running on that internal server....
i´ve created a service/application for that tcp-port, i´v created a PBF-Rule and a port-based NAT rule, but it´s not working at all.
is there a guide/howto ?!?
Solved! Go to Solution.
To answer your question of why "Source Zone: Internet , Destination Zone: Internet"? Such a NAT policy would be defined to allow traffic from your Internet Zone to a server on one of your Internal Zones. NAT policies are created with the pre-NAT IP addresses in mind. In other words, when configuring NAT rules, we think of how PAN sees the incoming packet before NAT is applied. Since the source IP will be a random public IP in most cases, PAN knows that public IP addresses are situated on the Internet Zone (because the default route would be pointing out the Internet Zone interface). Hence we select Internet as the source zone. For destination zone, when a packet comes in, the destination IP address would also be a public IP address. Hence we select Internet zone again as the destination zone keeping in mind that before NAT is applied, the destination IP address belongs to the Internet zone interface.
Example #2 illustrates to to configure NAT for an internal server. Again the point to remember when configuring NAT rules is: Consider where the pre-NAT ip-addresses are situated with respect to PAN.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!