[ATP/FLEX] How to set up Virtual Server on Nebula
Master Member
The Virtual Server feature is able to publish internal servers to the internet which allows you to access services in the internal network behind Firewall. This article illustrates how to set up Virtual Server on Nebula.
In this example, WAN1 IP is mapped to HFS server 1 and WAN2 is mapped to HFS server 2.
Configuration steps
Go to Firewall > Configure > NAT and create two rules for virtual servers.
Uplink: Select the WAN interface you want to map from.
Public IP/Port: Input the address/port that receives the packets
LAN IP/Port: Input the address/port that you want to map to.
Allow Remote IPs: It's equal to a whitelist. You can fill in a "," syntax for adding multiple IP addresses, or /24 for a range of IP addresses. “Any” means all IP addresses are allowed.
Note: You don't need to create a firewall rule on Nebula as you did in on-premises mode. It will be automatically created while creating the NAT rules.
To check the automatically created firewall rules, please input the CLI command "debug sdwan show firewall running-config" and the rules will be named after "SN_port_forwarding_IndexNumber".
If you want to block an unfriendly IP address or Geo IP instead of an allow list, you can create a security policy to block them.
Test Result
Access the local HFS server by http://10.214.48.26:4430 and http://10.214.30.66:4430.
Categories
- 8K All Categories
- 1.6K Nebula
- 60 Nebula Ideas
- 54 Nebula Status and Incidents
- 4.4K Security
- 222 Security Ideas
- 963 Switch
- 45 Switch Ideas
- 863 WirelessLAN
- 20 WLAN Ideas
- 5.2K Consumer Product
- 138 Service & License
- 268 News and Release
- 53 Security Advisories
- 11 Education Center
- 573 FAQ
- 273 Nebula FAQ
- 132 Security FAQ
- 73 Switch FAQ
- 72 WirelessLAN FAQ
- 7 Consumer Product FAQ
- Documents
- 34 Nebula Monthly Express
- 70 About Community
- 40 Security Highlight