SNAT support

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

SNAT support

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
SNAT support
SNAT support
2022-07-02 18:40:32
Model: ER7206 (TL-ER7206)  
Hardware Version: V1
Firmware Version: 1.2.1

I want to know how I can add SNAT rules using the omada controller, it does not seem to be possible

 

I want packets with source address 

192.168.1.0/24 to leave with the address of one of the lan internal addresses however after scratching my head vigoursly I cannot find any way to add this simple rule..

 

Is it unsupported?

  0      
  0      
#1
Options
4 Reply
Re:SNAT support
2022-07-05 06:01:02

  @crrodriguez 

 

The default on this router itself is that the data going out is SNAT and coming in is DNAT.
When data goes out, the gateway replaces the source IP address with the router's WAN IP address.

Just striving to develop myself while helping others.
  0  
  0  
#2
Options
Re:SNAT support
2022-07-05 08:30:52

  @Virgo thanks i noticed that the wan ip is used. that is not what i need unfortunately.

I need packets from 192.168.1.1/32 snat to $LANFACINGIP  

 

 

  0  
  0  
#3
Options
Re:SNAT support
2022-07-05 16:20:25

  @crrodriguez Is that possible?  I am not an expert here so others may need to chime in but in my initial exploration it doesn't seem like any firewall/nat rules can be applied across internal network segments.  It doesn't appear that there is any state tracking or firewall between LAN segments.  You can apply stateless ACLs but those seem to be applied to the switch ports and not a firewall.  The only place I have seen nat/firewall being applied is on WAN ports.

  0  
  0  
#4
Options
Re:SNAT support
2022-07-05 16:55:48

  @Alex789  my exploration reached the same conclusion, that everything is stateless. that is quite a bummer really.

  0  
  0  
#5
Options