This policy is easy to set up and activate. Select Network > Address Objects and click on the Add button at the bottom of the screen. In the Add Address Object window, enter a description for server’s private IP address in the Name field. Choose Host from the Type menu, enter the server’s private IP address in the IP Address field, and select the zone that the server assigned from the Zone Assignment menu. Click OK. Then, create another object in the Add Address Object window for the server’s public IP address and with the correct values, and select WAN from Zone Assignment menu. When done, click on the OK button to create the range object.
Next, select Network > NAT Policies and click on the Add button to display the Add NAT Policy window. To create a NAT policy to allow the Web server to initiate traffic to the public Internet using its mapped public IP address, choose the following from the drop-down menus:
|
•
|
Original Source—webserver_private_ip
|
|
•
|
Translated Source—webserver_public_ip
|
|
•
|
|
•
|
Translated Destination—Original
|
|
•
|
Original Service—Any
|
|
•
|
Translated Service—Original
|
|
•
|
|
•
|
|
•
|
Comment—Enter a short description
|
|
•
|
Enable NAT Policy—Checked
|
|
•
|
Create a reflective policy—Checked (Cannot be applied when “Translated Destination: Original” is selected)
|
When done, click on the OK button to add and activate the NAT Policy. With this policy in place, the SonicWall security appliance translates the server’s private IP address to the public IP address when it initiates traffic out the WAN interface (by default, the X1 interface).
You can test the One-to-One mapping by opening up a Web browser on the server and accessing the public Website http://www.whatismyip.com. The Website should display the public IP address we attached to the private IP address in the NAT policy we just created.