@Aashish74 Although in general this may work, there are a few points in the workflow that are not quite a best practice and can be misleading. Bi-directional is generally not recommended as you don’t have full control of the return traffic. Packets will be translated correctly from LAN to WAN, but in the opposite direction, they will match any zone to WAN , which could complicate things if you have multiple zones. I would always recommend having specific inbound destination NAT rule to your servers and a generic source NAT outbound if your servers need to connect to Internet. The second point is that you suggest adding a service to the bidirectional NAT rule, which means that the rule will match only this service port for both the inbound and outbound translation. This kind of defeats the purpose of bi-direction, as you presumably want to configure it for outbound internet traffic for your server. Next, your security rule will match the inbound packets to the server, but not outbound from the server. Finally it is not a good practice to configure the same multiple zones in source and destination.
... View more