Network > NAT Policies
262
SonicOS Enhanced 4.0 Administrator Guide
When finished, click on the OK button to add and activate the NAT policies. With these policies
in place, the SonicWALL security appliance translates the servers’ private IP addresses to the
public IP address when it initiates traffic out the WAN interface.
Step 4 Go to the Network > NAT Policies menu and click on the Add button. The Add NAT Policy
window is displayed. To create the NAT policies to map the custom ports to the servers’ real
listening ports and to map the SonicWALL’s WAN IP address to the servers’ private addresses,
choose the following from the drop-down boxes:
• Original Source: Any
• Translated Source: Original
• Original Destination: WAN Primary IP
• Translated Destination: servone_private_ip
• Original Service: servone_public_port
• Translated Service: HTTP
• Inbound Interface: WAN
• Outbound Interface: Any
• Comment: Enter a short description
• Enable NAT Policy: Checked
• Create a reflective policy: Unchecked
And:
• Original Source: Any
• Translated Source: Original
• Original Destination: WAN Primary IP
• Translated Destination: servtwo_private_ip
• Original Service: servtwo_public_port
• Translated Service: HTTP
• Source Interface: WAN
• Destination Interface: Any
• Comment: Enter a short description
• Enable NAT Policy: Checked
• Create a reflective policy: Unchecked
Note Make sure you choose ‘Any’ as the destination interface, and not the interface that
the server is on. This may seem counter-intuitive, but it’s actually the correct thing to
do (if you try to specify the interface, you get an error).
When finished, click on the ‘OK’ button to add and activate the NAT policies. With these policies
in place, the SonicWALL security appliance translates the server’s public IP address to the
private IP address when connection requests arrive from the WAN interface.
Step 5 Create the access rules that allows anyone from the public Internet to access the two
webservers using the custom ports and the SonicWALL security appliance’s WAN IP address.