...
1) Note the direction of the arrow when configuring NAT (only when the "Service Specific Settings" are used):
In the default configuration the option Use Connection Settings is selected. With this option NAT is used for a connection between a local network an an Internet site. Therefore no additional settings are necessary.
When using the option Use Service Specific Settings a A Unified Firewall offers numerous options for NAT configuration. Most commonly, only data traffic in the direction of the Internet is masked.
...
| Info |
|---|
Using the option bidirectional also produces to a functional Internet connection. However, if you operate port forwarding, the sender address displayed is that of the Unified Firewall and not that of the original sender. The option right-to-left prevents any Internet communication, since communication from the local network to the Internet is unmasked. Only incoming communication is masked. |
2) Use the “Network” object instead of the “IP range” object for the entire network:
...
The custom service Port_Range contains the TCP and UDP ports 1–1000. The protocol HTTPS (TCP port 443) is added, even though this is already included in the service Port_Range. This leads to a twofold generation of rules.
