Security Gateway Manual Netgate-4200
Automatic or Hybrid Outbound NAT
If the mode is set to Automatic or Hybrid, then this likely does not need further configuration.
Ensure the new LAN subnet is listed as a Source in the Automatic Rules at the bottom of the page. If so, skip ahead
to the next section to configure Firewall Rules.
Manual Outbound NAT
If the mode is set to Manual, create a new rule or set of rules to cover the new subnet.
• Click to add a new rule at the top of the list
• Configure the rule as follows:
Interface
Choose the WAN interface. If there is more than one WAN interface, add separate rules for each
WAN interface.
Address Family
IPv4
Protocol
Any
Source
Either choose OPTx Subnets, which will automatically reference the new interface, or choose
Network or Alias and manually fill in the new subnet, e.g. 192.168.2.0/24.
Destination
Any
Translation Address
WAN Address (or the customized name matching the WAN/egress interface)
Description
Text describing the rule, e.g. Guest LAN outbound on WAN
• Click Save
• Click Apply Changes
Alternately, clone existing NAT rules and adjust as needed to match the new LAN.
2.6.6 Firewall Rules
By default there are no firewall rules on the new interface, so the firewall will block all traffic. This is not ideal for a
LAN as generally speaking, the clients on this LAN will need to contact hosts through the firewall.
Rules for this interface can be found under Firewall > Rules, on the OPTx tab (or the custom name, e.g. GUESTS).
There are two common scenarios administrators typically choose for local interfaces: Open and Isolated
© Copyright 2024 Rubicon Communications LLC 57
To Next Page
Loading...
