Source NAT (SNAT) changes the source address in the IP header of a packet. The primary purpose is to change the private (RFC 1918) address/port into a public address/port for packets leaving the network. Cloud Edge automatically creates a default source NAT rule. You can create additional source NAT rules or modify the default source NAT rule. To modify the default source NAT rule, see Modifying NAT Rules.
- Go to .
- Select Source for NAT type.
-
Configure the NAT settings:
Option Description Egress interface
Select ANY or any L3 interface (for example, WAN) from the drop-down box list to act as an interface for egress traffic, which is traffic that originates from inside the network.
For Cloud Edge gateways with wireless network functionality, you can select a wireless network interface as the egress interface provided that wireless network (main or guest) is enabled.
Source IP translation / Translate to
Select one of the following methods for source IP translation:
- Egress interface IP address
If this method is selected, the Translate to option is not available. The egress interface's IP address is used for translation.
- Single IP address and then
specify an IP address for Translate to
The specified IP address is used for translation.
- IP address range and then
specify an IP address range for Translate
to
The specified IP address range is used for translation.
- Subnet and then specify a
subnet for Translate to
The subnet is used for translation.
Note:If you select Single IP address, IP address range, or Subnet, you must explicitly specify an L3 interface for the Egress interface option.
Description
Specify an identifying characteristic about use or configuration for the NAT rule.
Set matching condition
You can expand the Set matching condition section to specify more detailed information or matching conditions, including:- Protocol—Any, TCP, UDP, or ICMP. Any means all protocols.
- Source IP address range—Specified by the network.
- Source port range—Specified by administrator.
- Destination IP address range—Specified by administrator.
- Destination port range—Specified by administrator.
Note: If you specify ICMP for Protocol, the Source port range and Destination port range options are not available. - Egress interface IP address
- Click Save.
- Verify that the new rule is added to the list of NAT rules.