Updated on 2025-07-23 GMT+08:00

Example 4: Configuring SNAT Protection Rules

This section describes how to configure SNAT-based defense. For more parameter settings, see Configuring Protection Rules to Block or Allow Internet Border Traffic.

SNAT Protection Configuration

Assume your private IP address is 10.1.1.2 and the external domain name accessed through the NAT gateway is www.example.com. Configure NAT protection as follows and set other parameters based on your deployment:

Figure 1 Configuring a NAT protection rule
Table 1 Configuring a NAT protection rule

Parameter

Example Value

Description

Direction

SNAT

Direction of the protected traffic.

Source

IP Address

10.1.1.2

Origin of network traffic.

Destination

Domain Name/Domain Name Group

Network

www.example.com

Receiver of network traffic.

Service

Service

TCP, 1-65535, 1-65535

Protocol, source port, and destination port of network traffic.

Application

Application

HTTP, HTTPS

Protection policy for application layer protocols.

Protection Action

Allow

Action taken when traffic passes through the firewall.

Follow-up Operations

Checking protection outcomes

References