Loop back NAT: Traffic dropped as Policy Drop
03/26/2020
Description
When configuring a loopback NAT and running traffic matching this rule, the traffic is dropped as "Policy Drop".
Cause
The traffic is dropped due to a missing or incorrectly configured Access Rule.
Resolution
Configure an access rule to allow traffic from the private Source IPs to the public IP of the destination.
Example:
- Source zone is the LAN with subnet 192.168.1.0/24
- The server is in DMZ zone with private IP 10.1.1.2 reachable through a public IP 1.1.1.1.
The access rule should be created from LAN to DMZ with:
- Source: 192.168.1.0/24
- Destination: 1.1.1.1
The access rule is matched before the NAT Policy is applied, so when the traffic arrives at the SonicWall the destination IP is still the public IP, even though the SonicWall already knows the destination zone.
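The following is an added illustration, not SonicWall code or configuration: a simplified Python model of the ordering described above, using the article's example addresses, that shows why a LAN to DMZ rule written against the private IP ends in "Policy Drop" while the same rule written against the public IP is forwarded. The names `AccessRule`, `NAT` and `process`, the first-match behaviour, the implicit drop and the default `WAN` zone are assumptions of this model.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class AccessRule:
    from_zone: str
    to_zone: str
    source: str        # network or host the rule matches as source
    destination: str   # network or host the rule matches as destination
    action: str = "allow"

# Constructed loopback NAT entry from the article's example:
# public IP 1.1.1.1 maps to the server 10.1.1.2 in the DMZ zone.
NAT = {"1.1.1.1": ("10.1.1.2", "DMZ")}

def in_net(ip, net):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(net, strict=False)

def process(src_ip, dst_ip, src_zone, rules):
    """Model: resolve destination zone, match access rule, then apply NAT."""
    # The destination zone is already known from the NAT entry
    # (assumption of this model: anything without an entry is in WAN).
    translated, dst_zone = NAT.get(dst_ip, (dst_ip, "WAN"))
    for rule in rules:
        if ((rule.from_zone, rule.to_zone) == (src_zone, dst_zone)
                and in_net(src_ip, rule.source)
                # Matched against the original, still public, destination.
                and in_net(dst_ip, rule.destination)):
            if rule.action == "allow":
                return ("forwarded", translated)  # NAT rewrite happens here
            break  # first match wins; an explicit deny falls through to drop
    return ("Policy Drop", None)  # no allowing rule matched

# Misconfigured: destination is the server's private IP.
WRONG = [AccessRule("LAN", "DMZ", "192.168.1.0/24", "10.1.1.2")]
# Correct per the article: destination is the public IP.
RIGHT = [AccessRule("LAN", "DMZ", "192.168.1.0/24", "1.1.1.1")]

if __name__ == "__main__":
    for name, rules in (("private-IP rule", WRONG), ("public-IP rule", RIGHT)):
        print(name, process("192.168.1.10", "1.1.1.1", "LAN", rules))
```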