Add a NAT rule to forward traffic

Add a NAT rule to forward traffic to Forcepoint Web Security Cloud.

Before you begin

  • In the cloud Security Portal, you have configured an EasyConnect service.
  • In the SMC Management Client, you have created a Proxy Server element that represents Web Security Cloud.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration.
  2. Browse to Policies > Firewall Policies.
  3. Right-click a policy, then select Edit Firewall Policy.
  4. Add a NAT rule that forwards the traffic to Web Security Cloud.
  5. Click Save and Install.

Example

Table 1. Example NAT rule
Source Destination Service NAT
Original source address of the traffic. For example, clients in the internal network. Original destination address of the traffic. For example, a web server. The HTTP and TLS Network Application elements.

On the Source translation tab, select Dynamic as the Translation Type, then select the Outbound Multi-Link element that represents your public IP addresses. If you have only one IP address, click Address, then enter the address.

On the Destination translation tab, select Forward to Proxy as the Translation Type, then select your Proxy Server element.

Next steps

To verify that the forwarding works correctly, enable logging and verify from the Logs view that the destination address is translated to the Proxy Server address when this rule matches. For more detailed log data, see the Transaction Viewer in the cloud Security Portal.