Port forwarding rules are similar to DNAT rules, except that these rules allow you to modify the port number for publication of an internal service. To create a port forwarding rule, click Add in Network policies-->NAT and routing and then provide the necessary parameters.
Important! Rules are applied from top to bottom in the same order as they appear in the console. Only the first rule for which all its specific conditions are met will be applied. Therefore, make sure to place more specific rules above the more common ones in the list. Use the Up/Down buttons to change the order of rules in the list.
Important! The rule will be applied only when all its specific conditions are met. The Negate checkbox makes the condition opposite to the initial condition, i.e. corresponds to logical negation (NOT).
|
Name |
Description |
|---|---|
|
On/Off |
Enable or disable the rule |
|
Name |
Name of the rule |
|
Comment |
Description of the rule |
|
Type |
Select Port forwarding |
|
Enable logging |
Logs information about traffic when a rule is triggered. The following modes can be used:
|
|
Source |
A source zone and/or a list of source IP addresses for the traffic. |
|
Destination |
A destination zone and/or a list of destination IP addresses for the traffic. |
|
Port forwarding |
Modify the ports of the published services:
|
|
DNAT destination address |
IP address which is assigned to a workstation in a local area network and will be published on the Internet. |
|
Enable SNAT |
When this option is enabled, UserGate will be replacing source addresses in packets from external networks with its own IP address. |