How to disable NAT on the ISA Gateway (Linux)

How to disable NAT on the ISA Gateway (Linux)

When the ISA Gateway is deployed, the ISA Gateway Agent performs network address translation (NAT) to translate the source IP address of incoming traffic from the outside to the IP address of its physical interface, such as eth0, enp0s3, before forwarding the packet to the destination. The agent uses IP Masquerading to perform NAT and is implemented using the following command in the Gateway Agent script:

iptables -t nat -A POSTROUTING -o $intf -j MASQUERADE

The command is executed by running the script during installation of the agent and when the Gateway is restarted. This command will translate the source IP address of traffic coming from the outside, invariably from the ISA Controller, to the IP address of the physical adapter and then is forwarded to the destination, which is invariably a corporate resource.

However, there are instances when the source IP address must remain unchanged, for example, for VoIP traffic. In such cases, NAT should be disabled. To disable NAT, enter the following command:

iptables -t nat -F

This command will forward traffic to its destination without changing the source IP address. Appropriate routes must be configured for the return traffic.



    • Related Articles

    • Configuring NAT on the ISA Gateway (Windows Server)

      This article describes the step-by-step method to configure NAT on a Windows Server One of the prerequisites for deploying the ISA Gateway Agent in a Windows Server is to add the Routing and Remote Access Server (RRAS) role. The RRAS role allows the ...

    • Uninstalling the ISA Gateway Agent from Linux

      This KB article describes the method to uninstall the ISA Gateway Agent software from the Linux operating system. In certain circumstances, the ISA Gateway Agent, due to various reasons, may need to be changed. Before installing the Agent on a new ...

    • Installing the ISA Gateway Agent on Linux

      InstaSafe Secure Access (ISA) Gateway Agent is a software that acts as the entry and exit point for user access. Gateways are deployed at the edge of a private network, and are used to connect remote clients or networks to the private network. It is ...

    • ISA App Log File

      The ISA App, once successfully installed and configured, generates Connection Logs that could be extremely helpful in troubleshooting issues that may crop up. Depending on the device OS, the Log File location is as follows: Locating the ISA App Log ...

    • Install the ISA App on Linux (CLI)

      Prerequisites for Installation (Users): 1. The User must have sudo access to the system in order to install the ISA App 2. During installation, the system should have access to the InstaSafe libraries and Linux repositories/mirrors so that the ...