SNAT allows you to hide private IP addresses and resolve IP conflicts in private networks. You can use SNAT to translate private IP addresses to public IP addresses. This way, you can use a Smart Access Gateway (SAG) device to access external networks over the Internet. However, your private networks cannot be accessed over the Internet.

Procedure

  1. Log on to the Smart Access Gateway console.
  2. Use one of the following methods to open the Network Configuration tab.
    • Click the ID of the SAG instance that you want to manage. On the details page, click the Network Configuration tab.
    • Find the SAG instance that you want to manage and click Network Configuration in the Actions column.
  3. On the details page, choose Network Configuration > Private Network SNAT.
  4. Click Add SNAT Rule. In the Add SNAT Rule dialog box, set the following parameters and click OK.
    • Public IP: the destination public IP address after SNAT translation.
    • Private Network CIDR Block: The source CIDR block before SNAT translation, which is used by an on-premises terminal to connect to Alibaba Cloud.
    Note If the protocol is TCP, UDP, DCCP, or SCTP that requires a specific port, and the source port number falls into the following ranges, the port number after SNAT translation and the source port number fall into the same range:
    • Smaller than 512
    • Between 512 and 1023
    • 1024 and larger