SonicOS 7 Rules and Policies

Creating a Many-to-One NAT Policy

Many-to-one is a very common NAT policy on a SonicWall security appliance, and allows you to translate a group of addresses into a single address. Most of the time, this means that you are taking an internal “private” IP subnet and translating all outgoing requests into the IP address of the WAN interface of the firewall (by default, the X1 interface), such that the destination sees the request as coming from the IP address of the firewall’s WAN interface, and not from the internal private IP address.

To create a many-to-one policy:

  1. Navigate to the POLICY | Rules and Policies > NAT Rules page.

  2. Click +Add. The Adding NAT Rule dialog displays.

  3. To create a NAT policy to allow all systems on the X3 interface to initiate traffic using the firewall’s WAN IP address, choose the following options:

    Option choices: Many-to-One NAT Policy Example

    Option                       Value
    Original Source              X3 Subnet
    Translated Source            WAN Interface IP
    Original Destination         Any
    Translated Destination       Original
    Original Service             Any
    Translated Service           Original
    Inbound Interface            X3
    Outbound Interface           X1
    Comment                      Enter a short description
    Enable NAT Policy            Checked
    Create a reflexive policy    (dimmed)

  4. Click Add to add and activate the NAT policy. The new policy is added to the NAT Rules table.

  5. Click Cancel.

    This policy can be duplicated for subnets behind the other interfaces of the firewall; just:

    1. Replace the Original Source with the subnet behind that interface.
    2. Adjust the source interface.
    3. Add another NAT policy.
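
The following is an added example, not SonicWall code or a SonicOS API: a small Python model of how the policy in the table matches and rewrites traffic, and why a second policy is needed for a subnet behind another interface. The subnets, the WAN address, the X4 interface, and the first-match evaluation order are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class NatPolicy:                 # fields named after the dialog options
    original_source: ipaddress.IPv4Network
    translated_source: ipaddress.IPv4Address
    inbound_interface: str
    outbound_interface: str
    enabled: bool = True

@dataclass(frozen=True)
class Packet:
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address
    service: str
    in_if: str
    out_if: str

def translate(policies, pkt):
    """Return the packet as the destination sees it (model: first enabled match wins)."""
    for p in policies:
        if (p.enabled and pkt.in_if == p.inbound_interface
                and pkt.out_if == p.outbound_interface
                and pkt.src in p.original_source):
            # Original Destination/Service = Any, Translated = Original:
            # only the source address is rewritten.
            return replace(pkt, src=p.translated_source)
    return pkt  # no match: this policy does not translate the packet

def duplicate_for(policy, subnet, interface):
    """The duplication steps: new Original Source, new source interface."""
    return replace(policy, original_source=ipaddress.ip_network(subnet),
                   inbound_interface=interface)

# Constructed sample values (not from the page).
WAN_IP = ipaddress.ip_address("203.0.113.10")
X3_POLICY = NatPolicy(ipaddress.ip_network("192.168.30.0/24"), WAN_IP, "X3", "X1")
X4_POLICY = duplicate_for(X3_POLICY, "192.168.40.0/24", "X4")

def packet(src, in_if, dst="198.51.100.80", service="HTTPS", out_if="X1"):
    return Packet(ipaddress.ip_address(src), ipaddress.ip_address(dst), service, in_if, out_if)

if __name__ == "__main__":
    for pkt in (packet("192.168.30.25", "X3"), packet("192.168.30.99", "X3"),
                packet("192.168.40.7", "X4")):
        print(pkt.src, "->", translate([X3_POLICY], pkt).src)
```

Both X3 hosts leave with the same WAN source address, while the X4 host is left untranslated until the duplicated policy is added to the list.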
