[NGAF] DNAT or BNAT policy not working normally

KY Lv3Posted 29 Dec 2021 16:41

Last edited by KY 29 Dec 2021 16:49.

Warning Name: DNAT or BNAT policy not working normally

Product: NGAF
Version:  8.0.35 and above
Warning Level: 2
Discover Date: 14/8/2021
Bug Phenomena:

The client configures the DNAT or BNAT. When access the server found not able to access normally but the policy has hitcounts.

Trigger conditions:
The DNAT or BNAT has multiple ports configured in services and multiple ports configured in translated port to.

672861cc1f24df2a6.png

Root Cause:
Multi-port in translate port to will cause random conversion which causes port nat wrongly. For example, the client access port 80. When traffic reaches NGAF, port 80 is translated to port 4000.

How to check:
  • DNAT or BNAT policy configured multiple ports in services and multiple ports in translated port to.



Solution:If the client wants to have multiple ports that need translate to multiple server ports. The translate port to needs to leave it blank.
1113661cc1f2f79354.png


Trending Topics

Board Leaders