This guide describes how to setup 1:1 NAT in ZLD enabled appliances. Let’s say the ZyXEL appliance has some extra IP-addresses available. With 1:1 NAT all requests to e.g. 18.104.22.168 will be directly forwarded to the selected internal client.
2. Create Address Objects
To create a NAT One-to-One rule, the simplest way is to start with creating address objects.
In this tutorial we will create two objects, one for the secondary WAN IP-address and one for the server’s internal IP address.
To create an address object go to the configuration menu. Select the Object -> Address menu. Click the Add button.
Give the object a name. Choose “Host” as Address Type, and insert the secondary WAN IP-address.
Use the same step for the server’s host object.
3. Create NAT Rule
To create the NAT rule, go to Configuration -> Network -> NAT menu, and click the Add button.
- Enable rule.
- Insert a rule name.
- Select 1:1 NAT.
- Choose the incoming interface (usually WAN1 or ge2).
- Select the new Ext_WAN_IP object as Original IP.
- Select Int_SRV_IP as Mapped IP.
- Set Port Mapping Type as ANY.
- Click the OK
- Note: NAT Loopback can be activated, so internal clients can contact server with public IP-address.
4. Create Policy Control Rule
As the final step, we need to create a Policy Control rule, to allow traffic to pass through to the server. Go to the Configuration -> Security Policy -> Policy Control menu and press the Add button to insert a rule.
- Provide a name to the Policy Control rule.
- Select FROM WAN TO LAN1.
- Insert your servers IP address object as Destination.
- Select your preferred Service or Service Group. In this case HTTP is selected.
- Set Access as Allow.
- Enable Log if needed.
- Click the OK button