NAT Process
Quote from mpachmann on 5 October 2022, 10:59
Let’s review how Sophos Firewall applies NAT to traffic passing through.
When a packet arrives and the marking has been done, the Sophos Firewall performs a NAT lookup for DNAT or Full NAT rules. If a NAT rule has been matched, the destination zone is translated before the packet goes to the firewall. This means that the firewall will be matching rules based on the post-NAT destination zone and the pre-NAT IP address.
After the firewall either:
- The DNAT or Full NAT rule matched in step 3 is used to do the translation
- A second NAT lookup is done for SNAT rules or linked rules, and this translation is applied
Finally, the packet is delivered.
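
The lookup order described above, modelled as an added example that is not part of the original post and is not Sophos code. The zones, addresses, rule names and the `process` function are constructed for illustration; the point is that a firewall rule only matches when it is written with the post-NAT destination zone and the pre-NAT destination IP.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed topology: the zone is derived from the address (stand-in for routing).
ZONES = {"LAN": ip_network("192.168.1.0/24"), "DMZ": ip_network("10.0.0.0/24")}

def zone_of(ip):
    return next((z for z, net in ZONES.items() if ip_address(ip) in net), "WAN")

@dataclass
class FwRule:
    name: str
    src_zone: str
    dst_zone: str
    dst_ip: str  # a literal address or "any"

# Constructed NAT tables (simplified): DNAT maps original -> translated destination,
# SNAT maps (source zone, destination zone) -> translated source address.
DNAT = {"203.0.113.10": "10.0.0.5"}
SNAT = {("LAN", "WAN"): "203.0.113.1"}

def process(src, dst, fw_rules):
    """Return (matched firewall rule name or None, final src, final dst)."""
    # 1. First NAT lookup (DNAT/Full NAT): only the destination *zone* changes here.
    translated = DNAT.get(dst)
    src_zone, dst_zone = zone_of(src), zone_of(translated or dst)
    # 2. Firewall match: post-NAT destination zone, pre-NAT destination IP.
    rule = next((r for r in fw_rules if r.src_zone == src_zone
                 and r.dst_zone == dst_zone and r.dst_ip in (dst, "any")), None)
    if rule is None:
        return None, src, dst  # no rule matched: packet is not forwarded
    # 3. Either apply the DNAT matched in the first lookup ...
    if translated:
        return rule.name, src, translated
    # ... or do the second NAT lookup for SNAT and apply that translation.
    return rule.name, SNAT.get((src_zone, dst_zone), src), dst

correct = [FwRule("web-in", "WAN", "DMZ", "203.0.113.10")]
wrong_ip = [FwRule("web-in", "WAN", "DMZ", "10.0.0.5")]        # uses post-NAT IP
wrong_zone = [FwRule("web-in", "WAN", "WAN", "203.0.113.10")]  # uses pre-NAT zone
outbound = [FwRule("lan-out", "LAN", "WAN", "any")]

if __name__ == "__main__":
    for rules in (correct, wrong_ip, wrong_zone):
        print(process("198.51.100.7", "203.0.113.10", rules))
    print(process("192.168.1.20", "198.51.100.7", outbound))
```
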