NAT with original destination option
Freshman Member
Hello,
i have a question about NAT in a ZyWall device (USG210). I need to NAT traffic from DMZ (192.168.1.2) to LAN (172.16.48.2) for a specific port (tcp/1352), but only if original destination matches 10.0.1.2 (a device behind wan interface).
How to achieve?
Hint: with netfilter, I can achieve this by following rule:
Thank you.
Regards, Radim.
i have a question about NAT in a ZyWall device (USG210). I need to NAT traffic from DMZ (192.168.1.2) to LAN (172.16.48.2) for a specific port (tcp/1352), but only if original destination matches 10.0.1.2 (a device behind wan interface).
How to achieve?
Hint: with netfilter, I can achieve this by following rule:
iptables -A PREROUTING -i dmz -d 10.0.1.2 -p tcp -m tcp --dport 1352 -j DNAT --to-destination 172.16.48.2
Thank you.
Regards, Radim.
0
Comments
-
Hello ITMT,
You can follow the steps as below.
Create address object for DMZPC, LanPC and Lan interface.
Also create Service port 1352.
Create the SNAT profile on Routing page.
Charlie0
Zyxel Employee
Categories
- All Categories
- 434 Beta Program
- 2.7K Nebula
- 172 Nebula Ideas
- 117 Nebula Status and Incidents
- 6.1K Security
- 407 USG FLEX H Series
- 297 Security Ideas
- 1.6K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 43 Wireless Ideas
- 6.7K Consumer Product
- 268 Service & License
- 416 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 82 About Community
- 83 Security Highlight
