Creating a static destination NAPT rule

To create a static destination NAPT rule:

  1. In the main menu of the Open Single Management Platform Console, go to the Application & Services → NGFW section.

    This opens the Policy tab.

  2. Go to the NAT rules section.

    This opens the table of translation rules.

  3. In the upper part of the workspace, click the Create button.

    This opens the translation rule creation window.

    A unique number (UUID) is automatically assigned to the rule.

  4. Go to the General section and follow these steps:
    1. If you want to apply the rule immediately after adding it, enable the Status toggle switch. If you do not want to apply the rule, disable this toggle switch. This toggle switch is disabled by default.

      You can also enable or disable a translation rule after creation.

    2. In the Name field, enter a name for the new rule.

      The name of the rule must be unique among all rules. The maximum length is 128 characters.

    3. If necessary, in the Description field, enter an arbitrary description of the rule.

      Maximum length: 1024 characters.

    4. In the Type field, select the Static destination NAPT type.
    5. If you want to change the priority of the created rule, in the Priority field, specify the position of the rule in the table.

      By default, the rule is saved with the highest priority number (at the end of the table). Rules with a smaller priority number are applied earlier.

  5. Go to the Original packets → Source section and select one of the following options:
    • Any (default) applies this rule to traffic with any source parameters.
    • Custom applies this rule only to traffic with the selected source IP addresses or security zone.
  6. If you selected Custom, specify the original source parameters to which the rule must apply:
    1. Select the Addresses tab and in the Used in rule column, set the toggle switch to On for one or more IP addresses, IP address ranges, or subnets that you want to add to the rule. If you want to add multiple objects at the same time, select check boxes next to the objects and click Use in rule.

      If necessary, you can also create or edit an existing IP address before adding it to the rule.

    2. If you want to apply the rule to incoming traffic at IP addresses of the interfaces included in a security zone, select the Security zones tab, and in the Used in rule column, set the toggle switch to On for the security zone that you want to add to the rule. You can add only one security zone to a rule.
  7. Go to the Original packets → Destination section and select one of the following options:
    • Any (default) applies this rule to traffic with any destination parameters.
    • Custom applies this rule only to traffic with the selected IP address.
  8. If you selected Custom, select the Addresses tab and in the Used in rule column, set the toggle switch to On for one or more IP addresses that you want to add to the rule. If you want to add multiple IP addresses at the same time, select check boxes next to the IP addresses and click Use in rule. IP address ranges and subnets are not supported.

    If necessary, you can also create or edit an existing IP address before adding it to the rule.

  9. Go to the Original packets → Services section and select one of the following options:
    • Any (default) applies this rule to traffic with any service parameters.
    • Custom applies this rule only to traffic with the selected services.
  10. If you selected Custom, in the Used in rule column, set the toggle switch to On for services that you want to add to the rule. If you want to add multiple services at the same time, select check boxes next to the services and click Use in rule.

    You can only add TCP or UDP services with one destination port to the rule.

    If necessary, you can also create or edit an existing service before adding it to the rule.

  11. Specify the translation parameters that you want the rule to apply:
    1. Go to the Translated packets → Destination section.
    2. Select the Addresses tab and in the Used in rule column, set the toggle switch to On for the IP addresses to which you want to translate. IP address ranges and subnets are not supported.

      If necessary, you can create or edit an existing IP address before adding it to the rule.

    3. To send packets to one port, select the Ports tab and in the Port range field, specify the same port number as the beginning and end of the range.
  12. Save the rule by clicking Create.

    The new rule is added to the list.

  13. Apply the OSMP policy changes by clicking the Commit and push button.
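
The following added example (not part of the product or its documentation) checks a planned rule against the constraints stated in the steps above before it is entered in the console, and flags the default Any options for review. The dictionary layout, field names, and sample rules are assumptions made for this example.

```python
import ipaddress

NAME_MAX, DESC_MAX = 128, 1024  # length limits stated in the procedure

def is_single_ip(value):
    """True for one host address; ranges ("a-b") and subnets ("a/24") fail."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def check_rule(rule, existing_names=()):
    """Return (errors, warnings) for a planned rule (hypothetical dict layout)."""
    errors, warnings = [], []
    if len(rule["name"]) > NAME_MAX:
        errors.append("name longer than 128 characters")
    if rule["name"] in existing_names:
        errors.append("name is not unique")
    if len(rule.get("description", "")) > DESC_MAX:
        errors.append("description longer than 1024 characters")
    if len(rule.get("source_zones", [])) > 1:
        errors.append("more than one security zone")
    # Ranges and subnets are allowed for the source, but not for destinations.
    for field in ("original_destination", "translated_destination"):
        for addr in rule.get(field, []):
            if not is_single_ip(addr):
                errors.append(f"{field}: {addr} is not a single IP address")
    for svc in rule.get("services", []):
        if svc["protocol"].lower() not in ("tcp", "udp") or len(svc["dst_ports"]) != 1:
            errors.append(f"service {svc['name']}: not TCP/UDP with one destination port")
    # Empty lists model the default "Any" option; surface it for the reviewer.
    if not rule.get("source_addresses") and not rule.get("source_zones"):
        warnings.append("source is Any")
    if not rule.get("services"):
        warnings.append("services is Any")
    return errors, warnings

# Constructed sample rules (documentation address ranges, invented names).
GOOD = {"name": "publish-web", "source_addresses": ["198.51.100.0/24"],
        "original_destination": ["203.0.113.10"],
        "services": [{"name": "https", "protocol": "TCP", "dst_ports": [443]}],
        "translated_destination": ["192.0.2.20"]}
BAD = {"name": "publish-web", "source_zones": ["wan", "dmz"],
       "original_destination": ["203.0.113.0/28"],
       "services": [{"name": "web", "protocol": "TCP", "dst_ports": [80, 443]}],
       "translated_destination": ["192.0.2.20-192.0.2.30"]}

if __name__ == "__main__":
    print(check_rule(GOOD))
    print(check_rule(BAD, existing_names=["publish-web"]))
```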