- Clavister Security Gateway 11.x.
I want to do an automatic translation of the destination port from e.g. port 81 to 80, meaning that whatever destination IP the user goes to on port 81, the port should automatically become 80 when it leaves the Security Gateway (SGW).
This is quite a tricky operation as IP Policies base options do not account for this particular scenario. So we have to configure this quite differently.
For example, the IP Policy could look something like this:
- Action: Allow
Destination Interface: Wan
Destination Network: 0.0.0.1-255.255.255.255
Source Translation: NAT
Destination Translation: SAT
Address Action: Transposed
Base IP Address: 0.0.0.1
Note: If you use this setup as the example for HTTP traffic, then you must remember that if you go to Webpage-A using for instance
It will become 80 when it leaves the SGW. But the destination webpage most likely links to other HTTP pages using port 80, those will NOT be translated by this rule as it will be a sort of redirection to port 80 that we cannot control. So if you do not have a rule that allows HTTP port 80 in your ruleset, it would cause big delays as the browser is awaiting a reply on port 80 that is blocked by the SGW.