Method used to configure the triplet NAT on the USG9000

On the USG9000, you can configure the triplet NAT function to enable private network users to access the Internet.
The configuration method is as follows:
1. Configure the interface IP address, security zones, and basic network parameters.
2. Configure the security policies and enable the addresses in the specific network segment of the private network to interwork the Internet.
3. Configure the NAT address pool.
4. Configure the source NAT policy to enable the firewall to automatically translate source addresses in the specified network segment of the private network upon access to the Internet.
5. Configure a default route for the firewall, so that the firewall can normally forward private network traffic to the router of the ISP.
6. Configure a default gateway for the private network host, so that the gateway can forward traffic generated for accessing the Internet to the firewall.
7. Configure a static route for the router, so that traffic returned from the Internet can be normally forwarded to the firewall.
For details about the configuration, see the CLI Examples: Private Network User Accessing the Internet Using the Triplet NAT in the product documentation.

Scroll to top