<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Palo Alto: Hướng dẫn cách NAT một port dịch vụ của server ra ngoài internet trong mô hình firewall 2 lớp external và internal firewall &#8211; Thegioifirewall</title>
	<atom:link href="https://thegioifirewall.com/tag/palo-alto-huong-dan-cach-nat-mot-port-dich-vu-cua-server-ra-ngoai-internet-trong-mo-hinh-firewall-2-lop-external-va-internal-firewall/feed/" rel="self" type="application/rss+xml" />
	<link>https://thegioifirewall.com</link>
	<description>Tường lửa bảo vệ doanh nghiệp, trung tâm thông tin và giá cả</description>
	<lastBuildDate>Fri, 17 Sep 2021 16:52:04 +0000</lastBuildDate>
	<language>vi</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>

<image>
	<url>https://thegioifirewall.com/wp-content/uploads/vacif_icon-150x150.png</url>
	<title>Palo Alto: Hướng dẫn cách NAT một port dịch vụ của server ra ngoài internet trong mô hình firewall 2 lớp external và internal firewall &#8211; Thegioifirewall</title>
	<link>https://thegioifirewall.com</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>Palo Alto: Hướng dẫn cách NAT một port dịch vụ của server ra ngoài internet trong mô hình firewall 2 lớp external và internal firewall</title>
		<link>https://thegioifirewall.com/palo-alto-huong-dan-cach-nat-mot-port-dich-vu-cua-server-ra-ngoai-internet-trong-mo-hinh-firewall-2-lop-external-va-internal-firewall/</link>
					<comments>https://thegioifirewall.com/palo-alto-huong-dan-cach-nat-mot-port-dich-vu-cua-server-ra-ngoai-internet-trong-mo-hinh-firewall-2-lop-external-va-internal-firewall/#respond</comments>
		
		<dc:creator><![CDATA[TrungNghia]]></dc:creator>
		<pubDate>Thu, 16 Sep 2021 03:21:00 +0000</pubDate>
				<category><![CDATA[Hướng dẫn cấu hình Firewall Palo Alto]]></category>
		<category><![CDATA[Palo Alto: Hướng dẫn cách NAT một port dịch vụ của server ra ngoài internet trong mô hình firewall 2 lớp external và internal firewall]]></category>
		<guid isPermaLink="false">https://www.thegioifirewall.com/?p=12251</guid>

					<description><![CDATA[1.Mục đích bài viết Trong bài viết này thegioifirewall sẽ hướng dẫn cách thực hiện NAT một dịch vụ của server ra ngoài internet trong hệ thống có 2 thiết bị firewall lớp trong và lớp ngoài. 2.Diagram Chi tiết sơ đồ mạng: External Firewall. Đường truyền internet PPPoE được cấu hình tại cổng ethernet1/1 [&#8230;]]]></description>
										<content:encoded><![CDATA[
<h2 class="wp-block-heading"><strong>1.Mục đích bài viết</strong></h2>



<p class="wp-block-paragraph">Trong bài viết này thegioifirewall sẽ hướng dẫn cách thực hiện NAT một dịch vụ của server ra ngoài internet trong hệ thống có 2 thiết bị firewall lớp trong và lớp ngoài.</p>



<h2 class="wp-block-heading"><strong>2.Diagram</strong></h2>



<figure class="wp-block-image size-large"><img fetchpriority="high" decoding="async" width="1024" height="313" src="https://thegioifirewall.com/wp-content/uploads/Drawing2-1-1024x313.png" alt="" class="wp-image-12252" srcset="https://thegioifirewall.com/wp-content/uploads/Drawing2-1-1024x313.png 1024w, https://thegioifirewall.com/wp-content/uploads/Drawing2-1-300x92.png 300w, https://thegioifirewall.com/wp-content/uploads/Drawing2-1-768x234.png 768w, https://thegioifirewall.com/wp-content/uploads/Drawing2-1-1536x469.png 1536w, https://thegioifirewall.com/wp-content/uploads/Drawing2-1-2048x625.png 2048w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph"><strong>Chi tiết sơ đồ mạng:</strong></p>



<p class="wp-block-paragraph"><strong>External Firewall.</strong></p>



<ul class="wp-block-list"><li>Đường truyền internet PPPoE được cấu hình tại cổng ethernet1/1 với IP tĩnh là 10.150.30.120.</li><li>Mạng LAN được cấu hình tại cổng ethernet1/2 có IP 10.145.41.1/24 và đã cấu hình DHCP.</li></ul>



<p class="wp-block-paragraph"><strong>Internal Firewall:</strong></p>



<ul class="wp-block-list"><li>Cổng ethernet1/1 trên Internal Firewall là cổng WAN và sẽ kết nối với cổng ethernet1/2 của External Firewall.</li><li>Cổng ethernet1/1 của Internal Firewall có IP tĩnh là 10.145.41.50/24 và trỏ gateway về IP 10.145.41.1/24.</li><li>Mạng LAN của Internal Firwall được cấu hình tại cổng ethernet1/2 với IP 10.0.0.1/24 và đã cấu hình DHCP.</li><li>Cuối cùng là 1 máy chủ Windows Server có IP 10.0.0.52/24 đang chạy phần mềm ManageEngine Event Log và trang quản trị của phần mềm này sử dụng port 8400 để truy cập.</li></ul>



<p class="wp-block-paragraph"><strong>Ngoài internet:</strong></p>



<ul class="wp-block-list"><li>Thegioifirewall chuẩn bị 1 máy tính chạy Windows ngoài môi trường internet được dùng để kiểm tra kết quả NAT sau khi cấu hình.</li></ul>



<h2 class="wp-block-heading"><strong>3.Tình huống cấu hình</strong></h2>



<p class="wp-block-paragraph">Thegioifirewall sẽ thực hiện cấu hình NAT port trên hai thiết bị tường lửa Palo Alto để người quản trị có thể truy cập được trang quản trị của phần mềm ManageEngine Event Log sử dụng port 8400 từ ngoài internet.</p>



<h2 class="wp-block-heading"><strong>4.Các bước cấu hình</strong></h2>



<p class="wp-block-paragraph"><strong>External Firewall:</strong></p>



<ul class="wp-block-list"><li>Tạo service objects cho port 8400</li><li>Tạo NAT policy.</li><li>Tạo Security Policy.</li></ul>



<p class="wp-block-paragraph"><strong>Internal Firewall:</strong></p>



<ul class="wp-block-list"><li>Tạo NAT policy.</li><li>Tạo Security Policy.</li></ul>



<p class="wp-block-paragraph"><strong>Kiểm tra kết quả.</strong></p>



<h2 class="wp-block-heading"><strong>5.Hướng dẫn cấu hình</strong></h2>



<h3 class="wp-block-heading"><strong>5.1.External Firewall</strong></h3>



<h4 class="wp-block-heading"><strong>5.1.1.Tạo service objects cho port 8400</strong></h4>



<p class="wp-block-paragraph">Để tạo vào Objects &gt; Services &gt; nhấn Add.</p>



<p class="wp-block-paragraph">Tạo với các thông số sau:</p>



<ul class="wp-block-list"><li>Name: ManageEngine_Event_Log.</li><li>Protocol: TCP.</li><li>Destination Port: 8400.</li></ul>



<figure class="wp-block-image size-large"><img decoding="async" width="1024" height="425" src="https://thegioifirewall.com/wp-content/uploads/1-44-1024x425.png" alt="" class="wp-image-12253" srcset="https://thegioifirewall.com/wp-content/uploads/1-44-1024x425.png 1024w, https://thegioifirewall.com/wp-content/uploads/1-44-300x125.png 300w, https://thegioifirewall.com/wp-content/uploads/1-44-768x319.png 768w, https://thegioifirewall.com/wp-content/uploads/1-44-1536x638.png 1536w, https://thegioifirewall.com/wp-content/uploads/1-44.png 1553w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>



<h4 class="wp-block-heading"><strong>5.1.2.Tạo NAT policy.</strong></h4>



<p class="wp-block-paragraph">Chúng ta sẽ thực hiện tạo 1 NAT policy để NAT IP WAN của internal firewall là 10.145.41.50 cùng dịch vụ ManageEngine Event Log vừa tạo ra ngoài internet.</p>



<p class="wp-block-paragraph">Để tạo NAT policy vào Policies &gt; NAT &gt; nhấn Add.</p>



<p class="wp-block-paragraph">Tạo với các thông số sau.</p>



<p class="wp-block-paragraph">Tab General:</p>



<ul class="wp-block-list"><li>Name: NAT_ManageEngine_Event_Log_service.</li><li>NAT Type: ipv4.</li></ul>



<figure class="wp-block-image size-large"><img decoding="async" width="1024" height="481" src="https://thegioifirewall.com/wp-content/uploads/2-40-1024x481.png" alt="" class="wp-image-12254" srcset="https://thegioifirewall.com/wp-content/uploads/2-40-1024x481.png 1024w, https://thegioifirewall.com/wp-content/uploads/2-40-300x141.png 300w, https://thegioifirewall.com/wp-content/uploads/2-40-768x361.png 768w, https://thegioifirewall.com/wp-content/uploads/2-40-1536x721.png 1536w, https://thegioifirewall.com/wp-content/uploads/2-40.png 1996w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Tab Original Packet:</p>



<ul class="wp-block-list"><li>Source Zone: WAN.</li><li>Destination Zone: WAN.</li><li>Destination Interface: ethernet1/1.</li><li>Service: Chọn service objects ManageEngine_Event_Log.</li><li>Destination Address: nhập IP WAN của external firewall là 10.150.30.120.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="483" src="https://thegioifirewall.com/wp-content/uploads/3-44-1024x483.png" alt="" class="wp-image-12255" srcset="https://thegioifirewall.com/wp-content/uploads/3-44-1024x483.png 1024w, https://thegioifirewall.com/wp-content/uploads/3-44-300x142.png 300w, https://thegioifirewall.com/wp-content/uploads/3-44-768x362.png 768w, https://thegioifirewall.com/wp-content/uploads/3-44-1536x725.png 1536w, https://thegioifirewall.com/wp-content/uploads/3-44.png 1997w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Tab Translated Packet:</p>



<ul class="wp-block-list"><li>Translation Type: chọn Static IP.</li><li>Translated Address: nhập IP WAN của internal firewall là 10.145.41.50.</li><li>Translated Port: nhập port 8400.</li><li>Nhấn OK để lưu.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="382" src="https://thegioifirewall.com/wp-content/uploads/4-45-1024x382.png" alt="" class="wp-image-12256" srcset="https://thegioifirewall.com/wp-content/uploads/4-45-1024x382.png 1024w, https://thegioifirewall.com/wp-content/uploads/4-45-300x112.png 300w, https://thegioifirewall.com/wp-content/uploads/4-45-768x287.png 768w, https://thegioifirewall.com/wp-content/uploads/4-45-1536x574.png 1536w, https://thegioifirewall.com/wp-content/uploads/4-45.png 1995w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Nhấn Commit và OK để lưu các thay đổi cấu hình.</p>



<h4 class="wp-block-heading"><strong>5.1.3.Tạo Security Policy</strong></h4>



<p class="wp-block-paragraph">Mặc định tường lửa sẽ chặn các traffic từ ngoài internet đi vào trong mạng nội bộ.</p>



<p class="wp-block-paragraph">Nên nếu chúng ta muốn NAT policy vừa tạo hoạt động chúng ta cần phải 1 security policy cho phép.</p>



<p class="wp-block-paragraph">Để tạo vào Policies &gt; Security &gt; Nhấn Add.</p>



<p class="wp-block-paragraph">Tạo với các thông số sau.</p>



<p class="wp-block-paragraph">Tab General:</p>



<ul class="wp-block-list"><li>Name: Allow_NAT_ManageEngine_Event_Log_policy.</li><li>Rule type: universal (default).</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="549" src="https://thegioifirewall.com/wp-content/uploads/5-42-1024x549.png" alt="" class="wp-image-12257" srcset="https://thegioifirewall.com/wp-content/uploads/5-42-1024x549.png 1024w, https://thegioifirewall.com/wp-content/uploads/5-42-300x161.png 300w, https://thegioifirewall.com/wp-content/uploads/5-42-768x412.png 768w, https://thegioifirewall.com/wp-content/uploads/5-42-1536x824.png 1536w, https://thegioifirewall.com/wp-content/uploads/5-42.png 1743w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Tab Source:</p>



<ul class="wp-block-list"><li>Source Zone: WAN.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="589" src="https://thegioifirewall.com/wp-content/uploads/6-42-1024x589.png" alt="" class="wp-image-12258" srcset="https://thegioifirewall.com/wp-content/uploads/6-42-1024x589.png 1024w, https://thegioifirewall.com/wp-content/uploads/6-42-300x172.png 300w, https://thegioifirewall.com/wp-content/uploads/6-42-768x442.png 768w, https://thegioifirewall.com/wp-content/uploads/6-42-1536x883.png 1536w, https://thegioifirewall.com/wp-content/uploads/6-42.png 1748w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Tab Destination:</p>



<ul class="wp-block-list"><li>Destination Zone: LAN.</li><li>Destination Address: nhập IP WAN của External Firewall là 10.150.30.120.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="590" src="https://thegioifirewall.com/wp-content/uploads/7-36-1024x590.png" alt="" class="wp-image-12259" srcset="https://thegioifirewall.com/wp-content/uploads/7-36-1024x590.png 1024w, https://thegioifirewall.com/wp-content/uploads/7-36-300x173.png 300w, https://thegioifirewall.com/wp-content/uploads/7-36-768x443.png 768w, https://thegioifirewall.com/wp-content/uploads/7-36-1536x885.png 1536w, https://thegioifirewall.com/wp-content/uploads/7-36.png 1746w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Tab Service/URL Category:</p>



<ul class="wp-block-list"><li>Tại Service nhấn Add và chọn service Objects ManageEngine_Event_Log.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="555" src="https://thegioifirewall.com/wp-content/uploads/8-36-1024x555.png" alt="" class="wp-image-12260" srcset="https://thegioifirewall.com/wp-content/uploads/8-36-1024x555.png 1024w, https://thegioifirewall.com/wp-content/uploads/8-36-300x163.png 300w, https://thegioifirewall.com/wp-content/uploads/8-36-768x416.png 768w, https://thegioifirewall.com/wp-content/uploads/8-36-1536x833.png 1536w, https://thegioifirewall.com/wp-content/uploads/8-36.png 1750w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Tab Actions:</p>



<ul class="wp-block-list"><li>Action: chọn Allow.</li><li>Log Setting: chọn Log at Session End.</li><li>Nhấn OK để lưu.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="513" src="https://thegioifirewall.com/wp-content/uploads/9-38-1024x513.png" alt="" class="wp-image-12261" srcset="https://thegioifirewall.com/wp-content/uploads/9-38-1024x513.png 1024w, https://thegioifirewall.com/wp-content/uploads/9-38-300x150.png 300w, https://thegioifirewall.com/wp-content/uploads/9-38-768x385.png 768w, https://thegioifirewall.com/wp-content/uploads/9-38-1536x770.png 1536w, https://thegioifirewall.com/wp-content/uploads/9-38.png 1747w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Nhấn Commit và OK để lưu các thay đổi cấu hình.</p>



<h3 class="wp-block-heading"><strong>5.2.Internal Firewall</strong></h3>



<h4 class="wp-block-heading"><strong>5.2.1.Tạo service objects cho port 8400</strong></h4>



<p class="wp-block-paragraph">Để tạo vào Objects &gt; Services &gt; nhấn Add.</p>



<p class="wp-block-paragraph">Tạo với các thông số sau:</p>



<ul class="wp-block-list"><li>Name: ManageEngine_Event_Log.</li><li>Protocol: TCP.</li><li>Destination Port: 8400.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="427" src="https://thegioifirewall.com/wp-content/uploads/10-33-1024x427.png" alt="" class="wp-image-12262" srcset="https://thegioifirewall.com/wp-content/uploads/10-33-1024x427.png 1024w, https://thegioifirewall.com/wp-content/uploads/10-33-300x125.png 300w, https://thegioifirewall.com/wp-content/uploads/10-33-768x320.png 768w, https://thegioifirewall.com/wp-content/uploads/10-33-1536x640.png 1536w, https://thegioifirewall.com/wp-content/uploads/10-33.png 1747w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<h4 class="wp-block-heading"><strong>5.2.2.Tạo NAT policy.</strong></h4>



<p class="wp-block-paragraph">Chúng ta sẽ thực hiện tạo 1 NAT policy để NAT IP của máy chủ ManageEngine Event Log là 10.0.0.52 cùng dịch vụ ManageEngine Event Log vừa tạo đến external firewall.</p>



<p class="wp-block-paragraph">Để tạo NAT policy vào Policies &gt; NAT &gt; nhấn Add.</p>



<p class="wp-block-paragraph">Tạo với các thông số sau.</p>



<p class="wp-block-paragraph">Tab General:</p>



<ul class="wp-block-list"><li>Name: NAT_ManageEngine_Event_Log_service.</li><li>NAT Type: ipv4.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="482" src="https://thegioifirewall.com/wp-content/uploads/11-34-1024x482.png" alt="" class="wp-image-12263" srcset="https://thegioifirewall.com/wp-content/uploads/11-34-1024x482.png 1024w, https://thegioifirewall.com/wp-content/uploads/11-34-300x141.png 300w, https://thegioifirewall.com/wp-content/uploads/11-34-768x361.png 768w, https://thegioifirewall.com/wp-content/uploads/11-34-1536x723.png 1536w, https://thegioifirewall.com/wp-content/uploads/11-34.png 1994w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Tab Original Packet:</p>



<ul class="wp-block-list"><li>Source Zone: WAN.</li><li>Destination Zone: WAN.</li><li>Destination Interface: ethernet1/1.</li><li>Service: Chọn service objects ManageEngine_Event_Log.</li><li>Destination Address: nhập IP WAN của internal firewall là 10.145.41.50.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="483" src="https://thegioifirewall.com/wp-content/uploads/12-32-1024x483.png" alt="" class="wp-image-12264" srcset="https://thegioifirewall.com/wp-content/uploads/12-32-1024x483.png 1024w, https://thegioifirewall.com/wp-content/uploads/12-32-300x141.png 300w, https://thegioifirewall.com/wp-content/uploads/12-32-768x362.png 768w, https://thegioifirewall.com/wp-content/uploads/12-32-1536x724.png 1536w, https://thegioifirewall.com/wp-content/uploads/12-32.png 1999w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Tab Translated Packet:</p>



<ul class="wp-block-list"><li>Translation Type: chọn Static IP.</li><li>Translated Address: nhập IP của máy chủ là 10.0.0.52.</li><li>Translated Port: nhập port 8400.</li><li>Nhấn OK để lưu.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="390" src="https://thegioifirewall.com/wp-content/uploads/13-28-1024x390.png" alt="" class="wp-image-12265" srcset="https://thegioifirewall.com/wp-content/uploads/13-28-1024x390.png 1024w, https://thegioifirewall.com/wp-content/uploads/13-28-300x114.png 300w, https://thegioifirewall.com/wp-content/uploads/13-28-768x293.png 768w, https://thegioifirewall.com/wp-content/uploads/13-28-1536x585.png 1536w, https://thegioifirewall.com/wp-content/uploads/13-28.png 1994w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Nhấn Commit và OK để lưu các thay đổi cấu hình.</p>



<h4 class="wp-block-heading"><strong>5.2.3.Tạo Security Policy</strong></h4>



<p class="wp-block-paragraph">Mặc định tường lửa sẽ chặn các traffic từ ngoài internet đi vào trong mạng nội bộ.</p>



<p class="wp-block-paragraph">Nên nếu chúng ta muốn NAT policy vừa tạo hoạt động chúng ta cần phải 1 security policy cho phép.</p>



<p class="wp-block-paragraph">Để tạo vào Policies &gt; Security &gt; Nhấn Add.</p>



<p class="wp-block-paragraph">Tạo với các thông số sau.</p>



<p class="wp-block-paragraph">Tab General:</p>



<ul class="wp-block-list"><li>Name: Allow_NAT_ManageEngine_Event_Log_policy.</li><li>Rule type: universal (default).</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="550" src="https://thegioifirewall.com/wp-content/uploads/14-27-1024x550.png" alt="" class="wp-image-12266" srcset="https://thegioifirewall.com/wp-content/uploads/14-27-1024x550.png 1024w, https://thegioifirewall.com/wp-content/uploads/14-27-300x161.png 300w, https://thegioifirewall.com/wp-content/uploads/14-27-768x413.png 768w, https://thegioifirewall.com/wp-content/uploads/14-27-1536x826.png 1536w, https://thegioifirewall.com/wp-content/uploads/14-27.png 1745w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Tab Source:</p>



<ul class="wp-block-list"><li>Source Zone: WAN.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="585" src="https://thegioifirewall.com/wp-content/uploads/15-26-1024x585.png" alt="" class="wp-image-12267" srcset="https://thegioifirewall.com/wp-content/uploads/15-26-1024x585.png 1024w, https://thegioifirewall.com/wp-content/uploads/15-26-300x171.png 300w, https://thegioifirewall.com/wp-content/uploads/15-26-768x438.png 768w, https://thegioifirewall.com/wp-content/uploads/15-26-1536x877.png 1536w, https://thegioifirewall.com/wp-content/uploads/15-26.png 1741w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Tab Destination:</p>



<ul class="wp-block-list"><li>Destination Zone: LAN.</li><li>Destination Address: nhập IP WAN của Internal Firewall là 10.145.41.50.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="592" src="https://thegioifirewall.com/wp-content/uploads/16-26-1024x592.png" alt="" class="wp-image-12268" srcset="https://thegioifirewall.com/wp-content/uploads/16-26-1024x592.png 1024w, https://thegioifirewall.com/wp-content/uploads/16-26-300x173.png 300w, https://thegioifirewall.com/wp-content/uploads/16-26-768x444.png 768w, https://thegioifirewall.com/wp-content/uploads/16-26-1536x888.png 1536w, https://thegioifirewall.com/wp-content/uploads/16-26.png 1743w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Tab Service/URL Category:</p>



<ul class="wp-block-list"><li>Tại Service nhấn Add và chọn service Objects ManageEngine_Event_Log.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="556" src="https://thegioifirewall.com/wp-content/uploads/17-24-1024x556.png" alt="" class="wp-image-12269" srcset="https://thegioifirewall.com/wp-content/uploads/17-24-1024x556.png 1024w, https://thegioifirewall.com/wp-content/uploads/17-24-300x163.png 300w, https://thegioifirewall.com/wp-content/uploads/17-24-768x417.png 768w, https://thegioifirewall.com/wp-content/uploads/17-24-1536x834.png 1536w, https://thegioifirewall.com/wp-content/uploads/17-24.png 1745w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Tab Actions:</p>



<ul class="wp-block-list"><li>Action: chọn Allow.</li><li>Log Setting: chọn Log at Session End.</li><li>Nhấn OK để lưu.</li></ul>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="514" src="https://thegioifirewall.com/wp-content/uploads/18-23-1024x514.png" alt="" class="wp-image-12270" srcset="https://thegioifirewall.com/wp-content/uploads/18-23-1024x514.png 1024w, https://thegioifirewall.com/wp-content/uploads/18-23-300x151.png 300w, https://thegioifirewall.com/wp-content/uploads/18-23-768x385.png 768w, https://thegioifirewall.com/wp-content/uploads/18-23-1536x771.png 1536w, https://thegioifirewall.com/wp-content/uploads/18-23.png 1744w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<h3 class="wp-block-heading"><strong>5.3.Kiểm tra kết quả</strong></h3>



<p class="wp-block-paragraph">Thegioifirewall sẽ sử dụng máy tính ngoài mội trường internet đã chuẩn bị để kiểm tra.</p>



<p class="wp-block-paragraph">Bật một trình duyệt web bất kì và truy cập vào trang quản trị của ManageEngine Event Log bằng IP WAN của External Firewall và port 8400.</p>



<p class="wp-block-paragraph">Kết quả là việc truy cập thành công.</p>



<figure class="wp-block-image size-large"><img loading="lazy" decoding="async" width="1024" height="772" src="https://thegioifirewall.com/wp-content/uploads/19-22-1024x772.png" alt="" class="wp-image-12271" srcset="https://thegioifirewall.com/wp-content/uploads/19-22-1024x772.png 1024w, https://thegioifirewall.com/wp-content/uploads/19-22-300x225.png 300w, https://thegioifirewall.com/wp-content/uploads/19-22-768x579.png 768w, https://thegioifirewall.com/wp-content/uploads/19-22-1536x1158.png 1536w, https://thegioifirewall.com/wp-content/uploads/19-22-2048x1544.png 2048w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></figure>



<p class="wp-block-paragraph">Như vậy là thegioifirewall đã hướng dẫn các bạn cách NAT một dịch vụ của server trong nội bộ ra ngoài internet với mô hình firewall 2 lớp là external và internal firewall.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://thegioifirewall.com/palo-alto-huong-dan-cach-nat-mot-port-dich-vu-cua-server-ra-ngoai-internet-trong-mo-hinh-firewall-2-lop-external-va-internal-firewall/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
	</channel>
</rss>
