NAT from source IP by FQDN

Options
PeterUK
PeterUK Posts: 2,856  Guru Member
First Anniversary 10 Comments Friend Collector First Answer

When making a NAT rule for Virtual Server your able to select for source IP a FQDN which would allow a dynamic connection by given FQDN to IP to match the NAT rule.

WILDCARD FQDN are not selectable.


2 votes

Active · Last Updated

Comments

  • mMontana
    mMontana Posts: 1,337  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    NAT <> Virtual Host.
    NAT chews only IPs, no hostnames.
  • PeterUK
    PeterUK Posts: 2,856  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    mMontana said:
    NAT <> Virtual Host.
    NAT chews only IPs, no hostnames.

    You don't get how a FQDN works like say pingbox1.thinkbroadband.com as a FQDN the USG does a lookup for the IP


  • mMontana
    mMontana Posts: 1,337  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    You're probably right.
    I'll gladly read the lecture, if you will write it when you'll have enough time. :)
  • valevecchio
    Options

    Thanks Peter, do you refer to security policy? It's the only rules where I can specify a source IP as FQDN, but if I set this I can't set the dest. port and I wouldn't that this has effect for all NAT because I have some port forwarding without restriction and other with this source restriction.

    Thanks in advance

  • PeterUK
    PeterUK Posts: 2,856  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited February 8
    Options

    The idea is for the NAT rule to have select traffic by source FQDN go to a port like port 80 at say 192.168.0.2 but with another rule below for port 80 to have any other traffic go to 80 192.168.0.80

    there is a way you can do the above but needs a VLAN switch and another USG and not with NEBULA

    if your not needing that then you can use security policy