Showing results for 
Search instead for 
Did you mean: 

Mcafee Firewall Enterprise NAT (Inside to Outside)

Hola todos, ante todo, disculpas por la traducción al inglés.

Me gustaría saber si el escenario siguiente es posible en el Firewall enterprise:

LAN -- --


NAT Pool:

Teniendo en cuenta lo anterior, me gustaría realizar NAT donde un host X con IP sea nateado en el Firewall con el IP

Tener presente que la subred no está asignada a ninguna interfaz del Firewall.


I wonder if the following scenario is possible in the Firewall enterprise :

LAN -- / 24 - LANGW-- / 30 - FW - / 30 - ROUTER - / 30 - ISP

NAT Pool:

Given the above, I would like to make NAT where X host with IP to pass through the firewall, is NATed to the address

Keep in mind that the subnet is not assigned to any interface Firewall.

0 Kudos
2 Replies
Level 14

Re: Mcafee Firewall Enterprise NAT (Inside to Outside)

You can NAT to any IP address you want, even if it's not on any of the firewall's interfaces.  If you do this then you must make sure that the receiving device knows to route back to the firewall for the reply traffic for these IP addresses, i.e. you must add a route on the outside devices pointing back to the firewall for this IP address range.  Keep in mind that these devices will then not be able to get to the 'real' addresses that exist on the internet.

The firewall cannot NAT to a pool of IP addresses, though.  It can do many-to-one NAT and one-to-one NAT but not one-to-many.  If you have the same size subnets (which you do, LAN:, NAT Pool: you can create a Netmap object, which will NAT to, to, etc.

Re: Mcafee Firewall Enterprise NAT (Inside to Outside)


Muchas gracias, su respuesta es lo que buscaba.


0 Kudos