SonicWALL 5.8.1 Manuale Utente

One-to-Many NAT policies can be used to persistently load balance the translated destination 
using the original source IP address as the key to persistence. For example, SonicWALL 
security appliances can load balance multiple SonicWALL SSL VPN appliances, while still 
maintaining session persistence by always balancing clients to the correct destination SSL 
VPN. The following figure shows a sample topology and configuration.

To configure One-to-Many NAT load balancing, first go to the Firewall > Access Rules page 
and choose the policy for WAN to LAN. Click on the Add… button to bring up the pop-up 
access policy screen. When the pop-up appears, enter in the following values:

Action: Allow

Service: HTTPS

Source: Any

Destination: WAN Primary IP

Users Allowed: All

Schedule: Always on

Comment: Descriptive text, such as SSLVPN LB

Logging: Checked

Allow Fragmented Packets: Unchecked

Next, create the following NAT policy by selecting Network > NAT Policies and clicking on the 
Add... button:

Original Source: Any

Translated Source: Original

Original Destination: WAN Primary IP

link/act

10/100

Internet Host

204.20.30.40

Internet Host

66.1.2.3

Server 1

192.168.168.10

192.168.200.10

192.168.200.20

192.168.200.30

Server 2

192.168.168.20

Server 3

192.168.168.30

Internet Host

217.8.9.10

X0 (LAN):
X1 (WAN):
X2 (SSL VPN):

SSl VPN AO Group “mySSLVPN”
192.168.200.10 host
192.168.200.20 host
192.168.200.30 host

NAT Policy
OrigSrc:
TransSrc:
OrigDst:
TransDst:
Service:

192.168.168.168/24
10.0.0.2/16 (Gateway 10.0.0.1)
192.168.200.1/24

Any
Orig
WAN Primary IP
“mySSLVPN”
HTTPS

WAN -> LAN Allow Any to Primary WAN IP : HTTPS

Internet