Best practise for AON NAT-ing the LAN
Hi! I was thinking …
If I create an outbound mapping on my WAN interface for traffic originating from my LAN to a specific subnet on WAN.... Like this:
WAN 10.10.10.1/32 * 22.214.171.124/24 * * * NO
There are no more outbound mapping for the WAN interface
Then what if I have generous firewall rules that will allow any traffic on my LAN to any destination…. Would I expose my internal addresses on the WAN interface side?
(You may ask why I not just make a NAT mapping to ANY destination instead, -It's because I don't want to risk that the LAN traffic reaches other networks over that specific interface)
I'd be so happy to learn... :) :) :)