Sophos XG: Configuration an SNAT rule

Overview

This article explains how to create a Source NAT firewall rule so that outgoing traffic from the internal network will use a different public IP address when connecting to a specific host on the Internet. This can be useful when network restrictions prevent the primary IP for connecting to a website or secure server

Configuration an SNAT rule

  • Login to XG Firewall by admin account

 

  • Network -> Interfaces

 

  • Click on Add Interface and the select Add Alias from the drop-down menu

 

  • Fill out the details -> Click Save

 

  • Hosts and Services -> IP Host -> Click Add to create an IP which you want to NAT ->Save

 

  • Profiles -> In … ->Click Network Address Translation -> Click Add

 

  • Enter a name for NAT Policy and select the IP Host created before -> Click Save to add the NAT policy

 

  • Firewall -> Click Add Firewall Rule

 

  • Enter the parameters as shown in the image below

 

  • Tick NAT & Routing -> Rewrite source address (Masquerading) -> Choose Use Outbound Address -> Click Save

Be the first to comment

Leave a Reply