Advanced NAT options

Topic

This article describes the advanced network address translation (NAT) configuration options of the Datto Networking Appliance (DNA). Use this article as a guide when setting up SNAT and DNAT on your device.

Environment

Datto Networking Appliance (DNA)

Description

Source Network Address Translation (SNAT) and Destination Network Address Translation (DNAT) let you rewrite the addresses of inbound and outbound network traffic that matches a set of specified parameters.

Navigation

1. Log into the DNA web interface, click the Firewall tab, then click Advanced NAT.

Figure 1: The Advanced NAT card in the DNA interface

Configuration

Click Add Rule to create a new NAT rule. You can create multiple rules. Use the following fields and options to configure your rule:

Name: In this field, you can specify a name for the rule.
Src IP: Enter the source IP address the rule will use. The source IP must be a valid address, subnet, or network object. To apply to a subnet, use CIDR notation (i.e., 192.168.1.0/24). If you leave this field blank, the rule will apply to all source IP addresses.
Src Port: Enter the source port or port range this rule will use. For example, you can specify outgoing traffic on port 80. If you leave this field blank, the rule will apply to all ports.
Protocol: This menu lets you define the traffic type to which the rule applies. You can select from the following options:
- All
- TCP
- UDP
- TCP & UDP
Dest IP: Enter the destination IP address the rule will use. The destination IP must be a valid address, subnet, or network object. To apply to a subnet, use CIDR notation (i.e., 192.168.1.0/24). If you leave this field blank, the rule will apply to all destination IP addresses.
Dest Port: Enter the destination port for the rule. For example, you can specify outgoing traffic on port 80.. If you leave this field blank, the rule will apply to all ports.
Enabled: Check this box to activate the rule.
Order: This field lets you attribute a numerical priority to the rule. When applied to traffic, the lowest value represents the highest priority (1, 2, 3, etc.).
Type: Use this field to specify whether you are applying the rule to source traffic (SNAT) or destination traffic (DNAT).
Rewritten IP: Use this field to specify the incoming or outgoing translated IP address. A valid IP address or subnet is required unless you check the Bypass box.
Rewritten Port: Use this field to specify the SNAT/DNAT translated IP address. A valid port is required unless you check the Bypass box to enable bypass mode.
Bypass: Check this box to enable bypass mode for this rule.
Delete: Press the X button to delete the rule.

Click Save Changes to save all modified settings.

Figure 2: Advanced NAT configuration options

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.

Advanced NAT options

Topic

Environment

Description

Navigation

Configuration

Additional Resources

Why wasn't this article helpful? (check all that apply)

Great!