Classic PAT (Port Address Translation), how?

ragvol · November 2019

Hello, I am looking to achieve what in Cisco world is called PAT/Nat Overload on a USG60w.

My Lan is 192.168.1.x/24 and I'd like to translate all traffic so it's sourced from a single WAN ip x.x.x.x.

I realise this is a very simple request, yet I cannot find a guide that describes how to achieve this.

Thank you

mMontana · November 2019

If i am not wrong, you should look for 1:1 NAT. Don't forget firewall rules (Security Policy -> Policy Control) and outgoing routing for that.

I am assuming that your WAN connection has multiple IP addreses and you want to redirect all the traffinc coming from one to another IP Address on your LAN...

If i am assuming the wrong thing (no experience on Cisco) please try to explain what you're looking for.

zyman2008 · November 2019

Hi @ragvol,

By default, USG will auto PAT for LAN network addresses to WAN interface IP address.

If you would like to translate to specific public IP address.

Then it achieve policy route rules.

Here the steps

1.Create single public IP or IP pool

Go to Object > Address/GeoIP > Address tab, click Add button to create address object.
- A single IP

An IP Pool

2.Create Policy route rule,

Go to Network > Routing > Policy Route tab, click Add button to create rule,
- On the Criteria section, you can configure the Source/Destination address (like the Cisco ACL)
- On the bottom, address translation, select the IP or IP Pool object created in step 1.

ragvol · November 2019

Hello and thank you both!

By default, USG will auto PAT for LAN network addresses to WAN interface IP address.

This is exactly the answer to the doubt I had. Thank you for the detailed steps as well.

I wish you a pleasant day.

Classic PAT (Port Address Translation), how?

All Replies

Categories

Security Highlight

Security Help Center