DNAT rules are applied to traffic packets in descending order, starting with the first DNAT rule at the top of the table. By default, DNAT rules are displayed in the table in the order of creation. The earlier a DNAT rule was created, the higher it is displayed in the table.
You can configure the order in which DNAT rules are applied in a firewall template or on a CPE device. The order in which DNAT rules are applied, which is specified in the firewall template, is automatically propagated to all CPE devices that use this firewall template.
To configure the order in which DNAT rules are applied:
Edit the order in which the DNAT rules are applied in one of the following ways:
If you want to configure the order in which DNAT rules are applied in a firewall template, go to the SD-WAN → Firewall templates menu section, click the firewall template, and select the NAT → DNAT tab.
If you want to configure the order in which DNAT rules are applied on a CPE device, go to the SD-WAN → CPE menu section, click the CPE device, select the Firewall settings → NAT → DNAT tab, and select the Override check box.
A table of DNAT rules is displayed.
Configure the order in which DNAT rules are applied by clicking the Up and Down buttons next to it.
In the upper part of the settings area, click Save to save the settings of the firewall template or CPE device.