NAT with original destination option
Freshman Member
Hello,
i have a question about NAT in a ZyWall device (USG210). I need to NAT traffic from DMZ (192.168.1.2) to LAN (172.16.48.2) for a specific port (tcp/1352), but only if original destination matches 10.0.1.2 (a device behind wan interface).
How to achieve?
Hint: with netfilter, I can achieve this by following rule:
Thank you.
Regards, Radim.
i have a question about NAT in a ZyWall device (USG210). I need to NAT traffic from DMZ (192.168.1.2) to LAN (172.16.48.2) for a specific port (tcp/1352), but only if original destination matches 10.0.1.2 (a device behind wan interface).
How to achieve?
Hint: with netfilter, I can achieve this by following rule:
iptables -A PREROUTING -i dmz -d 10.0.1.2 -p tcp -m tcp --dport 1352 -j DNAT --to-destination 172.16.48.2
Thank you.
Regards, Radim.
0
Comments
-
Hello ITMT,
You can follow the steps as below.
Create address object for DMZPC, LanPC and Lan interface.
Also create Service port 1352.
Create the SNAT profile on Routing page.
Charlie0
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 155 Nebula Ideas
- 105 Nebula Status and Incidents
- 5.9K Security
- 319 USG FLEX H Series
- 286 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 256 Service & License
- 398 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.7K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 78 Security Highlight
