>
    Disable NAT for a Specific Host or Interface
    Focus
    Download PDF
    Focus
    1. Home
    2. PAN-OS
    3. Networking
    4. NAT
    5. Configure NAT
    6. Disable NAT for a Specific Host or Interface
    Download PDF

    Disable NAT for a Specific Host or Interface

    Table of Contents
    End-of-Life (EoL)

    Disable NAT for a Specific Host or Interface

    Both source NAT and destination NAT rules can be configured to disable address translation. You may have exceptions where you do not want NAT to occur for a certain host in a subnet or for traffic exiting a specific interface. The following procedure shows how to disable source NAT for a host.
    1. Create the NAT policy.
      1. Select PoliciesNAT and click Add a descriptive Name for the policy.
      2. On the Original Packet tab, select the zone you created for your internal network in the Source Zone section (click Add and then select the zone) and the zone you created for the external network from the Destination Zone list.
      3. For Source Address, click Add and enter the host address. Click OK.
      4. On the Translated Packet tab, select None from the Translation Type list in the Source Address Translation section of the screen.
      5. Click OK.
    2. Commit your changes.
      Click Commit.
      NAT rules are processed in order from the top to the bottom, so place the NAT exemption policy before other NAT policies to ensure it is processed before an address translation occurs for the sources you want to exempt.

    © 2024 Palo Alto Networks, Inc. All rights reserved.