Create a firewall rule with a linked NAT rule

This example shows how to create a firewall rule with a linked NAT rule for outgoing traffic from the LAN.

Objectives

When you complete this unit, you’ll know how to do the following:
  • Create a firewall rule to allow traffic from LAN to WAN zone.
  • Specify a linked NAT rule to translate outgoing traffic from the LAN.

Linked NAT network diagram

You can create a linked NAT rule when you create a firewall rule. Use this if you don’t want to manage a NAT rule table and a firewall rule table. You can create linked NAT rules for outgoing traffic because they are source NAT rules. For details, go to the online help.

A linked NAT rule translates only traffic that matches the settings of the firewall rule that it’s linked to. However, if a NAT rule positioned above the linked NAT rule matches the same traffic, the first rule applies to the traffic. The following network information is illustrative:
  • Pre-NAT IP address of LAN users: 10.145.16.10/24
  • Post-NAT IP address of LAN users: MASQ (IP address of the applicable outbound interface)


Here's an example:

  • Firewall rule to allow traffic from LAN to WAN zone: LAN to Any
  • Linked NAT rule for outgoing traffic with masqueraded source: 10.145.16.10/24 translated to MASQ
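The precedence behavior described above can be checked with a small model. This is an added example, not Sophos code or its API: it assumes a simplified top-down, first-match NAT table, and the rule names, the fixed SNAT address 198.51.100.7, and the outbound interface address 203.0.113.5 are constructed placeholders.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

def in_net(ip, net):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(net, strict=False)

@dataclass
class FirewallRule:
    name: str
    src_zone: str
    src_net: str
    dst_zone: str
    def matches(self, pkt):
        return (pkt["src_zone"] == self.src_zone and pkt["dst_zone"] == self.dst_zone
                and in_net(pkt["src_ip"], self.src_net))

@dataclass
class NatRule:
    name: str
    snat: str                                  # "MASQ" or a fixed post-NAT address
    src_net: str = "0.0.0.0/0"                 # used only by standalone rules
    linked_to: Optional[FirewallRule] = None   # set for a linked NAT rule
    def matches(self, pkt):
        # A linked NAT rule matches only traffic its firewall rule matches.
        if self.linked_to is not None:
            return self.linked_to.matches(pkt)
        return in_net(pkt["src_ip"], self.src_net)

def translate(nat_table, pkt, outbound_ip):
    """Top-down, first match wins. Returns (rule name, post-NAT source)."""
    for rule in nat_table:
        if rule.matches(pkt):
            return rule.name, (outbound_ip if rule.snat == "MASQ" else rule.snat)
    return None, pkt["src_ip"]

def shadowed_by(nat_table, linked_name, pkts):
    """Rules above the linked rule that take traffic it would otherwise translate."""
    idx = next(i for i, r in enumerate(nat_table) if r.name == linked_name)
    linked = nat_table[idx]
    return [r.name for r in nat_table[:idx]
            if any(linked.matches(p) and r.matches(p) for p in pkts)]

# Constructed sample data; only 10.145.16.10/24, LAN, WAN and MASQ come from the page.
FW = FirewallRule("LAN_to_WAN", "LAN", "10.145.16.10/24", "WAN")
LINKED = NatRule("Linked_MASQ", "MASQ", linked_to=FW)
STATIC = NatRule("Static_SNAT", "198.51.100.7", src_net="10.145.16.0/24")
PKT = {"src_zone": "LAN", "dst_zone": "WAN", "src_ip": "10.145.16.10"}
OUTBOUND_IP = "203.0.113.5"
```

With only the linked rule in the table, `translate([LINKED], PKT, OUTBOUND_IP)` masquerades the LAN source; placing `STATIC` above it makes the standalone rule win, and `shadowed_by` reports it.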

Specify firewall rule and linked NAT rule settings

  1. Go to Rules and policies > Firewall rules. Select IPv4 or IPv6 protocol and select Add firewall rule. Select New firewall rule.
  2. Enter the rule name and rule position.
  3. Select the source and destination settings.

    Name                            Description
    Source zones                    LAN
    Source networks and devices     Network_LAN
    Destination zones               WAN
    Destination networks            Any
    Services                        Any

  4. Select Create linked NAT rule and specify the rule name and position.
  5. Set Translated source (SNAT) to MASQ.
  6. Select Save to save the linked NAT rule.
  7. Click Save.

    The following image shows an example of how to configure the settings:

    [Image: Firewall rule with linked NAT rule]

The firewall rule appears in the firewall rule table. The linked NAT rule appears in the NAT rule table.