NAT with original destination option
Options
Freshman Member
Hello,
i have a question about NAT in a ZyWall device (USG210). I need to NAT traffic from DMZ (192.168.1.2) to LAN (172.16.48.2) for a specific port (tcp/1352), but only if original destination matches 10.0.1.2 (a device behind wan interface).
How to achieve?
Hint: with netfilter, I can achieve this by following rule:
Thank you.
Regards, Radim.
i have a question about NAT in a ZyWall device (USG210). I need to NAT traffic from DMZ (192.168.1.2) to LAN (172.16.48.2) for a specific port (tcp/1352), but only if original destination matches 10.0.1.2 (a device behind wan interface).
How to achieve?
Hint: with netfilter, I can achieve this by following rule:
iptables -A PREROUTING -i dmz -d 10.0.1.2 -p tcp -m tcp --dport 1352 -j DNAT --to-destination 172.16.48.2
Thank you.
Regards, Radim.
0
Comments
-
Hello ITMT,
You can follow the steps as below.
Create address object for DMZPC, LanPC and Lan interface.
Also create Service port 1352.
Create the SNAT profile on Routing page.
Charlie0
Zyxel Employee
Categories
- All Categories
- 435 Beta Program
- 2.7K Nebula
- 176 Nebula Ideas
- 117 Nebula Status and Incidents
- 6.1K Security
- 425 USG FLEX H Series
- 298 Security Ideas
- 1.6K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 44 Wireless Ideas
- 6.7K Consumer Product
- 274 Service & License
- 419 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 89 Security Highlight
