Example 4: Configuring SNAT Protection Rules
This section describes how to configure SNAT-based defense. For more parameter settings, see Configuring Protection Rules to Block or Allow Internet Border Traffic.
SNAT Protection Configuration
Assume your private IP address is 10.1.1.2 and the external domain name accessed through the NAT gateway is www.example.com. Configure NAT protection as follows and set other parameters based on your deployment:
|
Parameter |
Example Value |
Description |
|---|---|---|
|
Direction |
SNAT |
Direction of the protected traffic. |
|
Source |
IP Address 10.1.1.2 |
Origin of network traffic. |
|
Destination |
Domain Name/Domain Name Group Network www.example.com |
Receiver of network traffic. |
|
Service |
Service TCP, 1-65535, 1-65535 |
Protocol, source port, and destination port of network traffic. |
|
Application |
Application HTTP, HTTPS |
Protection policy for application layer protocols. |
|
Protection Action |
Allow |
Action taken when traffic passes through the firewall. |
Follow-up Operations
- Policy hits: For details about the protection overview, see Viewing Protection Information Using the Policy Assistant. For details about logs, see Access Control Logs.
- For details about the traffic trend and statistics, see Traffic Analysis. For details about traffic records, see Traffic Logs.
References
- For details about protection rule parameters, see Configuring Protection Rules to Block or Allow Internet Border Traffic.
- For details about blacklist and whitelist configuration, see Adding Blacklist or Whitelist Items to Block or Allow Traffic.
- For details about how to batch add protection policies, see Importing and Exporting Protection Policies.
- For details about how to block network attacks, see Configuring Intrusion Prevention.
- For details about antivirus, see Configuring Virus Defense.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
