How To Create a No NAT Policy

How To Create a No NAT Policy

80413
Created On 09/25/18 17:42 PM - Last Modified 01/31/25 19:17 PM


Procedure


Details

No NAT rules are configured (at Policies > NAT) by specifying the desired match conditions (zone, IP, etc.) and leaving the source translation and destination translation fields blank.

Capture.JPG.jpg

 

It is also possible to specify a list of IP addresses or IP address ranges in a NAT rule. If No NAT rules were used in the past to  exclude specific IP addresses from a range or subnet defined in another NAT rule, simply define ranges around the excluded address(es). In the following example NAT rule, 1.1.1.1 - 1.1.1.40 and 1.1.1.50 - 1.1.1.254 are excluded.

Capture-1.JPG.jpg

Note: The above No NAT policy should be placed at the appropriate position to ensure it is processed first before any other NAT policy. NAT rules are processed top to bottom.

 

See Also

Understanding PAN-OS NAT

 

owner: panagent
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClIlCAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language