Configure Policy-Based 1-to-1 NAT

In policy-based 1-to-1 NAT, your Firebox uses the private and public IP ranges that you set when you configured global 1-to-1 NAT, but the rules are applied to an individual policy. 1-to-1 NAT is enabled in the default configuration of each policy. If traffic matches both 1-to-1 NAT and dynamic NAT policies, 1-to-1 NAT takes precedence.

Enable Policy-Based 1-to-1 NAT

Because policy-based 1-to-1 NAT is enabled by default, you do not have to do anything to enable it. If you have previously disabled policy-based 1-to-1 NAT, to enable it again, select the 1-to-1 NAT check box in the policy configuration.

Disable Policy-Based 1-to-1 NAT

  1. Select Firewall > Firewall Policies.
    The Firewall Policies list appears.
  2. Select a policy.
  3. From the Action drop-down list selectEdit Policy .
  4. Click the Advanced tab.

Sscreen shot of the Policy Configuration — Advanced tab

  1. Clear the 1-to-1 NAT check box to disable NAT for the traffic controlled by this policy.
  2. Click Save.
  1. Right-click a policy and select Modify Policy.
    The Edit Policy Properties dialog box appears.
  2. Click the Advanced tab.

Screen shot of the Edit Policy Properties dialog box - Advanced tab

  1. Clear the 1-to-1 NAT check box to disable NAT for the traffic controlled by this policy.
  2. Click OK.
  3. Save the Configuration File.

Related Topics

About 1-to-1 NAT

Configure Firewall 1-to-1 NAT