Single Address for FTP, HTTP, and SMTP (Static Auto NAT-with-Port-Translation)
The following static NAT-with-port-translation example provides a single address for remote users to access FTP, HTTP, and SMTP. These servers are actually different devices on the real network, but for each server, you can specify static NAT-with-port-translation rules that use the same mapped IP address, but different ports.
Before you begin
Ensure that you have interface objects (security zones or interface groups) that contain the interfaces for the device that protects the servers. In this example, we will assume the interface objects are security zones named inside and outside. To configure interface objects, select , then select Interface.
Procedure
Step 1 | Create a network object for the FTP server. |
Step 2 | Create a network object for the HTTP server. |
Step 3 | Create a network object for the SMTP server. |
Step 4 | Create a network object for the public IP address used for the three servers. |
Step 5 | Configure static NAT with port translation for the FTP server, mapping the FTP port to itself. |
Step 6 | Configure static NAT with port translation for the HTTP server, mapping the HTTP port to itself. |
Step 7 | Configure static NAT with port translation for the SMTP server, mapping the SMTP port to itself. |
Step 8 | Click Save on the NAT rule page. |