NAT from source IP by FQDN

PeterUK
PeterUK Posts: 4,162 Guru Member
edited July 2024 in Security Ideas

When making a NAT rule for Virtual Server you're able to select for source IP a FQDN, which would allow a dynamic connection by given FQDN to IP to match the NAT rule.

WILDCARD FQDN are not selectable.


2 votes


Comments

  • mMontana
    mMontana Posts: 1,441 Guru Member
    NAT <> Virtual Host.
    NAT chews only IPs, no hostnames.
  • PeterUK
    PeterUK Posts: 4,162 Guru Member
    mMontana said:
    NAT <> Virtual Host.
    NAT chews only IPs, no hostnames.

    You don't get how a FQDN works: like, say, pingbox1.thinkbroadband.com as a FQDN, the USG does a lookup for the IP.


  • mMontana
    mMontana Posts: 1,441 Guru Member
    You're probably right.
    I'll gladly read the lecture, if you write it when you have enough time. :)
  • Thanks Peter, do you refer to security policy? It's the only rule where I can specify a source IP as FQDN, but if I set this I can't set the dest. port, and I wouldn't want this to have effect for all NAT, because I have some port forwarding without restriction and others with this source restriction.

    Thanks in advance

  • PeterUK
    PeterUK Posts: 4,162 Guru Member
    edited February 2024

    The idea is for the NAT rule to have select traffic by source FQDN go to a port like port 80 at, say, 192.168.0.2, but with another rule below for port 80 to have any other traffic go to port 80 at 192.168.0.80.

    There is a way you can do the above, but it needs a VLAN switch and another USG, and not with NEBULA.

    If you're not needing that then you can use security policy.
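
Added example, not part of the thread and not Zyxel firmware logic or CLI syntax: a small first-match model of the two port-80 rules described in the last comment, with the source FQDN resolved to a set of IPs. The rule names, the cache dictionary and the 203.0.113.10 / 198.51.100.7 addresses are constructed for illustration.

```python
# Added illustration only: a first-match model of the two port-80 rules
# described in the thread. Not Zyxel firmware logic or CLI syntax.
import ipaddress

# Constructed stand-in for the FQDN object's resolved addresses; a real
# device would fill this from DNS lookups. 203.0.113.10 is a documentation IP.
FQDN_CACHE = {"pingbox1.thinkbroadband.com": {"203.0.113.10"}}

# Order matters: the source-restricted rule sits above the catch-all.
RULES = [
    {"name": "from-fqdn", "src_fqdn": "pingbox1.thinkbroadband.com",
     "port": 80, "to": ("192.168.0.2", 80)},
    {"name": "any-source", "src_fqdn": None,
     "port": 80, "to": ("192.168.0.80", 80)},
]


def source_matches(rule, src_ip, cache):
    """True if the rule has no source restriction or src_ip is one of the
    addresses currently resolved for the rule's FQDN."""
    if rule["src_fqdn"] is None:
        return True
    resolved = cache.get(rule["src_fqdn"], set())
    return str(ipaddress.ip_address(src_ip)) in resolved


def translate(src_ip, dst_port, rules=RULES, cache=FQDN_CACHE):
    """Return (rule name, internal target) of the first matching rule,
    or (None, None) when no rule forwards this port."""
    for rule in rules:
        if rule["port"] == dst_port and source_matches(rule, src_ip, cache):
            return rule["name"], rule["to"]
    return None, None


if __name__ == "__main__":
    print(translate("203.0.113.10", 80))   # source resolved from the FQDN
    print(translate("198.51.100.7", 80))   # any other source
    # FQDN not resolved (empty cache): the restricted rule cannot match,
    # so even the intended source falls through to the catch-all.
    print(translate("203.0.113.10", 80, cache={}))
```

In this model the match is made on the packet's source IP against the last resolved set, so the restricted rule is only as current as the most recent lookup of the FQDN.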