Thread: urgent help required on this manual static nat pls
View Single Post
  #4 (permalink)  
Old 2008-04-19
cciesec2006 cciesec2006 is offline
Senior Member
  
Join Date: 2006-09-26
Posts: 820
Rep Power: 3
cciesec2006 has an average reputation (10+)
Default Re: urgent help required on this manual static nat pls
you need to do this in NAT rule:

rule 1:

in the original packet
source inside-host(10.1.1.254) destination any service any

in the translated packet
source static-host(60.1.1.1) destination any service any

rule 2:

in the original packet
source any destination is static-host 60.1.1.1 service any

in the translated packet
source any destination inside-host 10.1.1.254 service any


in the security rule:

source is Any, destination is static-host 60.1.1.1 service is telnet.

I just tried on my Nokia firewall R55 and it works just fine.


Think about it, when host 1.1.1.2 wants to talk to host 60.1.1.1, since
you already have the route in place, source will be "ANY", for simplicity,
destination is 60.1.1.1 for original packet. For translated packet, you
want to keep the source the same but change the destination to
10.1.1.254. That's it.
Reply With Quote