multiple WAN IP SNAT after port forward
-
Hey guys,
I have a basic question regarding SNAT with multiple WAN IPs.
I'm changing my ISP in 4 weeks and will get a /27 public IP range. I've already read through the docs and added several virtual IPs to my WAN.
Since this is my first time using more then one public IP, I'm not sure whats the correct way to handle port forwarding and SNAT.
If I create a portforward with destination to WANIP3, do I need to create a SNAT rule for replying with the same WANIP3?
Is this "auto-created" when using hybrid mode? If so, will it NAT out everything to WANIP3 or only the replies from my portforward?Thanks a lot
-
@groebi Maybe start by defining your acronyms/initialisms.
Port forwards apply NAT to destinations on connections coming into that interface.
Outbound NAT applies NAT to sources on connections leaving an interface.
1:1 NAT does both incoming and outgoing connections as above.
-
@Derelict sry, reading a lot of iptables lately
Port forwards apply NAT to destinations on connections coming into that interface.
So if one port forward rule is created, do I still need to create a outbound NAT rule to reply?
-
Reply traffic is handled automatically by the stateful nature of the firewall.
It all depends on which direction the connection is established from outside to inside (a port forward) or inside to outside (outbound NAT).
-
@derelict thanks a lot