In the previous article we discussed the firewall policy that permits access between internal networks. In this article we discuss how to configure NAT so that the internal/LAN network has internet access.
To configure that, go to Policy & Objects -> Firewall Policy -> Create New.
Configure the DNS IP on the PC and SERVER:
    PC> show ip
    NAME : PC[1]
    IP/MASK : 10.0.1.2/24
    GATEWAY : 10.0.1.1
    DNS : 1.1.1.1
    MAC : 00:50:79:66:68:20
    LPORT : 20000
    RHOST:PORT : 127.0.0.1:30000
    MTU : 1500
    PC>

    SERVER> show ip
    NAME : SERVER[1]
    IP/MASK : 172.16.100.2/24
    GATEWAY : 172.16.100.1
    DNS : 1.1.1.1
    MAC : 00:50:79:66:68:21
    LPORT : 20000
    RHOST:PORT : 127.0.0.1:30000
    MTU : 1500
    SERVER>
Then test ping from the PC and SERVER to the outside network. As shown below, the PC and SERVER have successfully connected to the outside network.
    PC> ping 8.8.8.8
    84 bytes from 8.8.8.8 icmp_seq=1 ttl=254 time=17.353 ms
    84 bytes from 8.8.8.8 icmp_seq=2 ttl=254 time=4.203 ms
    84 bytes from 8.8.8.8 icmp_seq=3 ttl=254 time=10.413 ms
    PC> ping google.com
    google.com resolved to 172.31.254.100
    84 bytes from 172.31.254.100 icmp_seq=1 ttl=62 time=8.482 ms
    84 bytes from 172.31.254.100 icmp_seq=2 ttl=62 time=12.825 ms
    84 bytes from 172.31.254.100 icmp_seq=3 ttl=62 time=10.055 ms
    PC>

    SERVER> ping 8.8.8.8
    84 bytes from 8.8.8.8 icmp_seq=1 ttl=254 time=12.051 ms
    84 bytes from 8.8.8.8 icmp_seq=2 ttl=254 time=8.566 ms
    84 bytes from 8.8.8.8 icmp_seq=3 ttl=254 time=14.933 ms
    SERVER> ping youtube.com
    youtube.com resolved to 172.31.254.200
    84 bytes from 172.31.254.200 icmp_seq=1 ttl=62 time=2.410 ms
    84 bytes from 172.31.254.200 icmp_seq=2 ttl=62 time=6.836 ms
    84 bytes from 172.31.254.200 icmp_seq=3 ttl=62 time=9.577 ms
    SERVER>
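A FortiOS CLI sketch of the kind of policy the Policy & Objects -> Firewall Policy -> Create New step produces, added here as an example and not taken from the original article. The interface names (port1 as WAN, port2 as the PC LAN, port3 as the SERVER LAN), the object and policy names, and the narrowed service list are assumptions; only the two subnets come from the outputs above.

```fortios
# Added example. port1/port2/port3 and all object names are assumed, not from the article.
config firewall address
    edit "LAN_PC"
        set subnet 10.0.1.0 255.255.255.0
    next
    edit "LAN_SERVER"
        set subnet 172.16.100.0 255.255.255.0
    next
end
config firewall policy
    edit 0
        set name "PC-to-Internet"
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "LAN_PC"
        set dstaddr "all"
        set action accept
        set schedule "always"
        # Assumed service list: only what the tests above need plus web, instead of ALL
        set service "DNS" "PING" "HTTP" "HTTPS"
        # Source NAT to the outgoing interface address
        set nat enable
        set logtraffic all
    next
    edit 0
        set name "SERVER-to-Internet"
        set srcintf "port3"
        set dstintf "port1"
        set srcaddr "LAN_SERVER"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "DNS" "PING" "HTTP" "HTTPS"
        set nat enable
        set logtraffic all
    next
end
```

Scoping the source to the two subnets and enabling `logtraffic all` keeps the outbound NAT policy auditable; the resulting entries can be reviewed with `show firewall policy`.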