Reply To: nat reflection

Home Page Forums Network Management ZeroShell nat reflection Reply To: nat reflection

#45405

thund3rman
Member

When configuring PAT, you have two options (at least in beta11 from what I read in this forums):
1. Apply PAT rule to the WAN interface;
2. Apply the PAT rule to the WAN IP.

If you choose option 1, when inside the local network, if you try to access to the WAN IP, you connect directly to the firewall and not to the server you wanted, because your traffic doesn’t go through the WAN interface.

Option 2 is only a real option if you have a static ip in your WAN interface. If you have a dynamic ip address, as the configuration for option 2 requires an IP address and you don’t know it, you can’t use it.

NAT reflection is a feature of several other products that allows you to have the behaviour of option 2 when using option 1.
In zeroshell you don’t have a possibility to configure that behaviour. Maybe a checkbox in option 1 could define a rule that did this through the hooks of dhcp (to refresh the rules on dhcp renewall)