User Tools
sophos:dnat_webserver
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | |||
|
sophos:dnat_webserver [2018/03/12 00:24] admin |
sophos:dnat_webserver [2018/03/12 00:28] (current) admin |
||
|---|---|---|---|
| Line 18: | Line 18: | ||
| ===== Example DNAT Scenario ===== | ===== Example DNAT Scenario ===== | ||
| + | {{ :sophos:sophosxg_webserver1.png |}} | ||
| + | |||
| + | ===== How to configure DNAT for an internal server ===== | ||
| - | How to configure DNAT for an internal server | ||
| Navigate to Firewall then click +Add Firewall Rule and select Business Application Policy. | Navigate to Firewall then click +Add Firewall Rule and select Business Application Policy. | ||
| + | {{ :sophos:sophosxg_webserver2.png |}} | ||
| Select Application Template and choose DNAT/Full NAT/Load Balancing. | Select Application Template and choose DNAT/Full NAT/Load Balancing. | ||
| + | {{ :sophos:sophosxg_webserver3.png |}} | ||
| Fill out the settings as shown below: | Fill out the settings as shown below: | ||
| + | {{ :sophos:sophosxg_webserver4.png |}} | ||
| + | {{ :sophos:sophosxg_webserver5.png |}} | ||
| - | Source Zones: WAN | + | * Source Zones: WAN |
| - | Allowed Client Networks: Any | + | * Allowed Client Networks: Any |
| - | Destination Host/Network: WAN Interface | + | * Destination Host/Network: WAN Interface |
| - | Forward Type: Select the port, port range or port list that need to be forward from the WAN to the internal server. | + | * Forward Type: Select the port, port range or port list that need to be forward from the WAN to the internal server. |
| - | Protected Servers: Select or create an existing host entry for the server. | + | * Protected Servers: Select or create an existing host entry for the server. |
| - | Protected Zone: Select the Zone in which the host resides (LAN or DMZ). | + | * Protected Zone: Select the Zone in which the host resides (LAN or DMZ). |
| - | Change Destination Port(s): Only check this if you wish to change ports like redirecting port 80 to port 9000. | + | * Change Destination Port(s): Only check this if you wish to change ports like redirecting port 80 to port 9000. |
| - | Rewrite source address (Masquerading): unchecked | + | * Rewrite source address (Masquerading): unchecked |
| - | Optional | + | * Optional |
| - | Create Reflexive Rule: Check if the server will be initiating outgoing connections. | + | * Create Reflexive Rule: Check if the server will be initiating outgoing connections. |
| - | Click Save to apply. | + | * Click Save to apply. |
sophos/dnat_webserver.1520810656.txt.gz · Last modified: 2018/03/12 00:24 by admin
Page Tools
