Both source NAT and destination NAT rules
can be configured to disable address translation. You may have exceptions
where you do not want NAT to occur for a certain host in a subnet
or for traffic exiting a specific interface. The following procedure
shows how to disable source NAT for a host.
Create the NAT policy.
Select
Policies
NAT
and click
Add
a
descriptive
Name
for the policy.
On the
Original Packet
tab,
select the zone you created for your internal network in the
Source
Zone
section (click
Add
and then
select the zone) and the zone you created for the external network
from the
Destination Zone
list.
For
Source Address
, click
Add
and
enter the host address. Click
OK
.
On the
Translated Packet
tab,
select
None
from the
Translation
Type
list in the Source Address Translation section
of the screen.
Click
OK
.
Commit your changes.
Click
Commit
.
NAT rules
are processed in order from the top to the bottom, so place the
NAT exemption policy before other NAT policies to ensure it is processed
before an address translation occurs for the sources you want to
exempt.