info_i_25x25.png Due to unforeseen weather conditions we are experiencing higher chat wait times. Remember you can also submit a ticket and one of our support representatives will get back to you as soon as possible. We apologize for the inconvenience.

EdgeRouter - Add source NAT rules

Overview


Readers will learn how to add source NAT rules via CLI.

 

There are two types of Source NAT (SNAT) Rules:

  • Masquerade - The most common NAT is a simplified form of SNAT.
  • Source - Specify the translation address and/or port.

Note: NAT source/masquerade rule numbers must start at 5000 or higher. This is an arbitrary limitation that is not noticed when using the web UI.

 

Steps for Masquerade NAT


The following settings are required for minimal configuration of a Source NAT Masquerade Rule:

  • Rule number
  • Outbound interface
  • Source NAT type: masquerade

Here is a configuration of a Source NAT Masquerade Rule:

 

[email protected]# show service
nat {
       rule 5000 {
        outbound-interface eth2
        type masquerade
    }
}

 

The following are options:

  • Source address or network
  • Source port
Note: If you designate a port, then you must also designate the protocol: udptcp, or udp_tcp.
  • Destination address or network
  • Destination port
Note: If you designate a port, then you must also designate the protocol: udptcp, or udp_tcp.
  • Protocol
  • Exclude
  • Description
  • Logging
  • Disable

 

Steps for Source NAT


The following settings are required for minimal configuration of a Source NAT Rule:

  • Rule number
  • Outbound interface
  • Translation address and/or port
  • Source NAT type: source

Here is a configuration of a Source NAT Rule:

[email protected]# show service
nat {
    rule 5000 {
        outbound-interface eth1
        outside-address {
            address 10.0.0.1
        }
        type source
    }

The following are options:

  • Source address or network
  • Source port
Note: If you designate a port, then you must also designate the protocol: udptcp, or udp_tcp.
  • Destination address or network
  • Destination port
Note: If you designate a port, then you must also designate the protocol: udptcp, or udp_tcp.
  • Protocol
  • Exclude
  • Description
  • Logging
  • Disable