Support Center > Search Results > SecureKnowledge Details
Missing verification warning when NAT rule has Any as source
Symptoms
  • Manual policy verification does not catch manual NAT rules where the Source of the original packet is defined as 'Any'.

    The below rulebase passes the policy verification without any warning although it should fail.


  • The expected warming is:
    Invalid <Any> in Source of Address Translation 
    Rule 1: <Any> is valid only if the matching Translated column is <Original>
Cause

Manual policy verification does not catch manual NAT rules where the Source of the original packet is defined as 'Any'.

This has been described as a unsupported way to configure manual Hide NAT rules.


Solution
Note: To view this solution you need to Sign In .