Many-to-one is a very common NAT policy on a SonicWall security appliance, and allows you to translate a group of addresses into a single address. Most of the time, this means that you are taking an internal “private” IP subnet and translating all outgoing requests into the IP address of the WAN interface of the firewall (by default, the X1 interface), such that the destination sees the request as coming from the IP address of the firewall’s WAN interface, and not from the internal private IP address.
To create a many-to-one policy
Navigate to the POLICY | Rules and Policies > NAT page.
Click +Add. The Adding NAT Rule dialog displays.
To create a NAT to allow all systems on the X3 interface to initiate traffic using the firewall’s WAN IP address, choose the following options:
Options | Value |
---|---|
Original Source | X3 Subnet |
Translated Source | WAN Interface IP |
Original Destination | Any |
Translated Destination | Original |
Original Service | Any |
Translated Service | Original |
Inbound Interface | X3 |
Outbound Interface | X1 |
Comment | Enter a short description |
Enable | Checked |
Create a reflexive policy | (dimmed) |
Click Add to add and activate the NAT policy. The new policy is added to the NAT table.
Click Cancel.
This policy can be duplicated for subnets behind the other interfaces of the firewall; just: