IP Pass Through Hosts/Networks

The Pass Through Hosts/Networks definition form is used to specify an IP address, subnet or network that will not have NAT applied to packets. See individual product guides for the number of IP Pass Through Hosts/Networks available on a specific GTA Firewall.

New Host or Network

In the Network/Host table, select an object or <Use IP address> and enter an IP address/netmask (single host), subnet, or network (multiple hosts) in the IP ADDRESS field. Single IP addresses use /32 or /255.255.255.255. Select the interface that will have no NAT applied when the IP packets pass outbound through the interface. If unsolicited IP packets should be accepted for the specified address, select the Inbound checkbox. If you wish to allow only IP Pass Through reply packets to return, leave the Inbound option deselected.

Hosts/Networks

The Pass Through Hosts/Networks definition form is used to specify an IP address, subnet or network that will not have NAT applied to packets. See individual product guides for the number of IP Pass Through Hosts/Networks available on a specific GTA Firewall.

IP Pass Through Examples

Protected to External Network

Internet Router 199.100.200.1

External Interface 199.100.200.2

Protected Network 199.100.202.0/24

Pass Through Host/Networks

Object/IP address 199.100.202.0/24

Destination Interface EXTERNAL

Inbound Checked

Pass Through Filters

Allow outbound Pass Through

Type Accept

Interface PROTECTED

Protocol ALL

Log Default

Source IP Address 199.100.202.0/24

Ports blank or Zero

Destination IP Address Object ìANY_IPî

Ports blank or Zero

Deny inbound Pass Through

Type DENY

Interface PROTECTED

Protocol ALL

Log Default

Source IP Address Object ANY_IP

Ports blank or Zero

Destination IP Address 199.100.202.0/24

Ports blank or Zero

Add Static Route to Internet Router

Network 199.100.202.0/24

Gateway 199.100.200.1

Protected to PSN

PSN Network 192.168.1.0/24

Protected Network 10.1.1.0/24

Pass Through Host/Networks

Object/IP address 10.1.1.0/24

Destination Interface PSN

Inbound Checked

Pass Through Filters

Allow outbound Pass Through to PSN

Type Accept

Interface PROTECTED

Protocol ALL

Log Default

Source IP Address 10.1.1.0/24

Ports blank or Zero

Destination IP Address 192.168.1.0/24

Ports blank or Zero

Pass Through Filters

Deny inbound Pass Through from PSN

Type DENY

Interface PSN

Protocol ALL

Log Default

Source IP Address 192.168.1.0/24

Ports blank or Zero

Destination IP Address 10.1.1.0/24

Ports blank or Zero

Add Static Route to Internet Router

Network 199.100.200.0/24

Gateway 199.100.200.1

When going to the Internet the key is the Static route on the router. If the static route cannot be configured, the Pass Through will fail.

¨ Notes

An IP Host/Network is not required for a Pass Through in Bridging mode because no NAT is applied.

The netmask is a means to specify a single IP address or a group of contiguous IP addresses.

Return to Pass Through