NAT Rules

NAT address translation rules are based on the source and destination IPv4 addresses and ports. Similar to security policies, NAT policy rules are compared against the incoming traffic in sequence, and the first rule matching the traffic is applied.

You can apply NAT rules to all physical interfaces except the MGMT interface.

For Cloud Edge gateways with wireless network functionality, you can configure NAT rules on a wireless network interface provided that the wireless network (main or guest) is enabled.

As needed, add static routes to the local router so that traffic to all public IPv4 addresses is routed to Cloud Edge. You can also add static routes to the receiving interface on Cloud Edge to route traffic back to the private IPv4 address.

Consideration when both client and server access a gateway from the same LAN interface

When a client and server access the Cloud Edge gateway from the same LAN interface, the client cannot access this server by domain name. You can support this scenario by adding both a source NAT rule and a destination NAT rule to this LAN interface. See Adding NAT Rules to Support Hairpin NAT.