ngaf management

zmulles Lv1Posted 13 Oct 2022 20:50

Good day everyone , just asking What Nat configuration I will use for me to access my NGAF management console through internet?


Thanks in advance..

rivsy has solved this question and earned 20 coins.

Posting a reply earns you 2 coins. An accepted reply earns you 20 coins and another 10 coins for replying within 10 minutes. (Expired) What is Coin?

Enter your mobile phone number and company name for better service. Go

Depends on different scenario, NAT can be divided as four types:
1. Source network address translation - translate internal IP to public IP to allowed internal user to access the internet
2. Destination network address translation - used to allow external user to access internal server
3. Bidirectional network address translation - allow internal user to use public IP or domain name to access internal server
4. NAT64 or NAT46 - internal IPv4 server needs to be release to IPv6 address for access

I recommend to use the Bidirectional NAT because NGAF deploy as internet gateway, internal have a web server and enduser/client had apply a domain name www.test.com (or which domain will be used) and point to 2.2.2.2.
In this setup the enduser wants internal user to access by web server via www.test.com (preffered domain used).

Steps:
1. Click Policies > NAT > then click IPv4 NAT > choose Destination NAT (please see step 1 picture)
2. On the new window appear, name it to whatever you wnat then click the more option in the "SRC Zone" (please see step 1 picture)
3. In the new window apper, only choose the internal zone as the source zone which is the LAN then click OK. (please see step 2 picture)
4. After fill the details such as public IP address, protocol and port in the original data packet and translated data packet columns. (please see step 3 picture) Click "Advanced" then Enable the Bidirectional NAT then choose advanced option.
5. From Select Zone choose the targeted destination IP thenc choose OK.
6. Then select "Egress interface" in the Translate SRC To. (please see step 4 picture) then click OK to all window.
7. Then you can test now the configuration

sangfor nat1.png (217.63 KB, Downloads: 286)

step 1

step 1

sangfor nat2.png (222.34 KB, Downloads: 287)

step 2

step 2

sangfor nat3.png (219.22 KB, Downloads: 283)

step 3

step 3

sangfor nat4.png (196.15 KB, Downloads: 279)

step 4

step 4
Is this answer helpful?
RegiBoy Lv5Posted 13 Oct 2022 22:16
  
Hi,

If you want to access the NGAF Management Console outside your network, you must configure Destination NAT (DNAT). It is generally called Port Forwarding. The typical usage of DNAT is to map the IP Address of your Local LAN to the Public Network (Internet) so you can access them publicly.
rivsy Lv5Posted 14 Oct 2022 09:29
  
Depends on different scenario, NAT can be divided as four types:
1. Source network address translation - translate internal IP to public IP to allowed internal user to access the internet
2. Destination network address translation - used to allow external user to access internal server
3. Bidirectional network address translation - allow internal user to use public IP or domain name to access internal server
4. NAT64 or NAT46 - internal IPv4 server needs to be release to IPv6 address for access

I recommend to use the Bidirectional NAT because NGAF deploy as internet gateway, internal have a web server and enduser/client had apply a domain name www.test.com (or which domain will be used) and point to 2.2.2.2.
In this setup the enduser wants internal user to access by web server via www.test.com (preffered domain used).

Steps:
1. Click Policies > NAT > then click IPv4 NAT > choose Destination NAT (please see step 1 picture)
2. On the new window appear, name it to whatever you wnat then click the more option in the "SRC Zone" (please see step 1 picture)
3. In the new window apper, only choose the internal zone as the source zone which is the LAN then click OK. (please see step 2 picture)
4. After fill the details such as public IP address, protocol and port in the original data packet and translated data packet columns. (please see step 3 picture) Click "Advanced" then Enable the Bidirectional NAT then choose advanced option.
5. From Select Zone choose the targeted destination IP thenc choose OK.
6. Then select "Egress interface" in the Translate SRC To. (please see step 4 picture) then click OK to all window.
7. Then you can test now the configuration

sangfor nat1.png (217.63 KB, Downloads: 286)

step 1

step 1

sangfor nat2.png (222.34 KB, Downloads: 287)

step 2

step 2

sangfor nat3.png (219.22 KB, Downloads: 283)

step 3

step 3

sangfor nat4.png (196.15 KB, Downloads: 279)

step 4

step 4
Zonger Lv5Posted 14 Oct 2022 12:01
  
If you want to access the NGAF Management Console outside your network, you must configure Destination NAT (DNAT). It is generally called Port Forwarding. The typical usage of DNAT is to map the IP Address of your Local LAN to the Public Network (Internet) so you can access them publicly.
JC Lv1Posted 14 Oct 2022 14:28
  
you must configure Destination NAT

I Can Help:

Change

Moderator on This Board

11
7
5

Started Topics

Followers

Follow

1
3
5

Started Topics

Followers

Follow

0
4
5

Started Topics

Followers

Follow

67
20
3

Started Topics

Followers

Follow

3
14
3

Started Topics

Followers

Follow

1
137
3

Started Topics

Followers

Follow

Board Leaders