SonicOS 7.0 Rules and Policies for Classic Mode

NAT Rules > Creating NAT Rule Policies: Examples > Creating a Many-to-One NAT Policy
Table of Contents

Creating a Many-to-One NAT Policy

Many-to-one is a very common NAT policy on a SonicWall security appliance, and allows you to translate a group of addresses into a single address. Most of the time, this means that you are taking an internal “private” IP subnet and translating all outgoing requests into the IP address of the WAN interface of the firewall (by default, the X1 interface), such that the destination sees the request as coming from the IP address of the firewall’s WAN interface, and not from the internal private IP address.

To create a many-to-one policy

  1. Navigate to the POLICY | Rules and Policies > NAT page.

  2. Click +Add. The Adding NAT Rule dialog displays.

  3. To create a NAT to allow all systems on the X3 interface to initiate traffic using the firewall’s WAN IP address, choose the following options:

    Option choices: Many-to-One NAT Example
    Options Value
    Original Source X3 Subnet
    Translated Source WAN Interface IP
    Original Destination Any
    Translated Destination Original
    Original Service Any
    Translated Service Original
    Inbound Interface X3
    Outbound Interface X1
    Comment Enter a short description
    Enable Checked
    Create a reflexive policy (dimmed)

  4. Click Add to add and activate the NAT policy. The new policy is added to the NAT table.

  5. Click Cancel.

    This policy can be duplicated for subnets behind the other interfaces of the firewall; just:

    1. Replace the Original Source with the subnet behind that interface.
    2. Adjust the source interface.
    3. Add another NAT .