No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

After configured NAT, we still can’t connect the private ip address device in USG USG2200

Publication Date:  2014-08-07 Views:  138 Downloads:  1
Issue Description
This NAT is configured for our video device, private ip address is 10.163.6.6, the NAT I made like below picture.

After configured NAT, we still can’t connect the private ip address device from outside 


Alarm Information
No
Handling Process
We need to permit this destination IP (10.163.6.6 ) from outside.

Configure the following commands to permit this destination 10.163.6.6

policy interzone trust untrust inbound
policy 0
  action permit
  policy destination 10.163.6.6 0

Root Cause
1- Check the Configuration

#
policy interzone local untrust inbound
policy 0
  action permit
  policy logging
  policy session traffic statistic logging enable
  policy service service-set any
#
policy interzone trust untrust inbound

policy 0
  action permit
  policy logging
  policy session traffic statistic logging enable
  policy ips ips_policy01


policy 2
  action permit
  policy service service-set ftp
  policy destination 10.163.24.15 0

policy 3
  action permit
  policy destination 10.163.24.27 0

policy 4
  action permit
  policy service service-set http
  policy destination 10.163.24.12 0

policy 5
  action permit
  policy destination 10.163.24.12 0

policy 6
  action permit
  policy service service-set http
  policy destination 10.163.24.139 0

policy 7
  action permit
  policy destination 10.163.24.12 0

policy 9
  action permit
  policy logging
  policy session traffic statistic logging enable
  policy service service-set https
  policy destination 192.168.200.2 mask 32

policy 10
  action permit
  policy logging
  policy session traffic statistic logging enable
  policy destination 192.168.200.2 mask 32

policy 11
  action permit
  policy logging
  policy session traffic statistic logging enable
  policy service service-set https
  policy destination 10.163.4.27 mask 32

policy 12
  action permit
  policy logging
  policy session traffic statistic logging enable
  policy destination 10.163.25.20 mask 32

policy 13
description for tpm team to access their pptp vpn
  action permit
  policy logging
  policy session traffic statistic logging enable
  policy service service-set gre
  policy service service-set pptp
  policy service service-set pptp_vpn

policy 8
  action permit
  policy service service-set mobleoa
  policy destination 10.163.6.171 mask 32
#
Suggestions
No

END