NAT with original destination option
Options
Freshman Member
Hello,
i have a question about NAT in a ZyWall device (USG210). I need to NAT traffic from DMZ (192.168.1.2) to LAN (172.16.48.2) for a specific port (tcp/1352), but only if original destination matches 10.0.1.2 (a device behind wan interface).
How to achieve?
Hint: with netfilter, I can achieve this by following rule:
Thank you.
Regards, Radim.
i have a question about NAT in a ZyWall device (USG210). I need to NAT traffic from DMZ (192.168.1.2) to LAN (172.16.48.2) for a specific port (tcp/1352), but only if original destination matches 10.0.1.2 (a device behind wan interface).
How to achieve?
Hint: with netfilter, I can achieve this by following rule:
iptables -A PREROUTING -i dmz -d 10.0.1.2 -p tcp -m tcp --dport 1352 -j DNAT --to-destination 172.16.48.2
Thank you.
Regards, Radim.
0
Comments
-
Hello ITMT,
You can follow the steps as below.
Create address object for DMZPC, LanPC and Lan interface.
Also create Service port 1352.
Create the SNAT profile on Routing page.
Charlie0
Zyxel Employee
Categories
- All Categories
- 442 Beta Program
- 2.9K Nebula
- 212 Nebula Ideas
- 127 Nebula Status and Incidents
- 6.4K Security
- 548 USG FLEX H Series
- 341 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.3K Wireless
- 52 Wireless Ideas
- 6.9K Consumer Product
- 295 Service & License
- 468 News and Release
- 90 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.7K FAQ
- 34 Documents
- 87 About Community
- 102 Security Highlight
