You can create source NAT firewall rules to rewrite the source IP address for a zone behind the Secure Connector with the IP address of the NAT Interface in the destination firewall zone. If multiple Interfaces are in the destination firewall zone, the interface that matches according to a routing lookup is chosen.
In this article:
Create an SC Source NAT Rule
- Go to your Cluster > Cluster Settings > Secure Connector Editor.
- Click Lock.
- Double-click to edit the device or template.
- In the left menu, click Firewall Settings.
- (Template only) Enable check box for Source NAT. Any existing source NAT rules on SCs using this template will be overwritten.
- Click + to add a Firewall Rule. The Firewall Rules windows opens.
- Enter a Name and click OK.
- Configure the source NAT rule:
- Source Interface – Select the source firewall zone.
- NAT Interface – Select the firewall zone.
- Click OK.
- Click OK and Activate.
Delete an SC Source NAT Rule
- Go to your Cluster > Cluster Settings > Secure Connector Editor.
- Click Lock.
- Double-click to edit the device or template.
- In the left menu, click Firewall Settings.
- In the Source NAT list, select the rule you want to delete.
- Click
.
- Click OK and Activate.