NAT Configuration

The default of translating internal traffic to the WAN IP must be overridden when using public IP addresses on an internal interface.

  • Browse to Firewall > NAT
  • Click the Outbound tab
  • Select Hybrid Outbound NAT rule generation
  • Click Save
  • Click  to add a new rule to the top of the list with the following settings:

Do not NAT Checked, so that NAT will be disabled

Interface WAN

Protocol Any

Source Network, enter the local public IP subnet, 192.0.2.128/29

Destination Any

  • Click Save

This will override the default automatic rules which translate all traffic from local interfaces leaving the WAN interface to the WAN IP address. Traffic sourced from the OPT1 network 192.0.2.128/29 is not translated because of the manually added rule excluding it from NAT. This configuration maintains the automatic behavior for other internal interfaces, so that the advantages of automatic outbound NAT rules are not lost.

If public IP addresses are used on all local interfaces, then set Disable Outbound NAT rather than using Hybrid mode.

© Copyright 2025 . All Rights Reserved. AZTCO-FW| Developed By AZTCO-FW. Powered by AZTCO.