Forum Discussion

TT's avatar
TT
Comet
2 months ago

Containers and Network Rules

Hi!

We use an IP container for storing large amounts of IP ranges and reference the container in Internet firewall rules. 

We have a problem we could overcome by referencing the IP Container in a Network Rule, but apparently, the container can only be used with firewall rules, not network rules.

Does anyone have any suggestions on how to work around this? 

In simple terms, the requirement is to define specific IP ranges, to which traffic would then be routed through a NAT rule and a static IP. 

 

access
network
  • JM's avatar
    JM
    Meteor
    2 months ago

    Agreed. In our case we would use such containers with Remote Port Forwarding rules, where we need to allow a long list of external IPs access to certain internal resources. Managing that is a total pain currently.

  • bizzle90's avatar
    bizzle90
    Icon for Cato Employee rankCato Employee
    2 months ago

    Hey TT & JM,

    I do agree that this would be a great functionality to add to the Cato product within the Network Rule configuration. I have conducted some backend research to confirm if we have anything in the works regarding an RFE to PM. I can't see anything interestingly. 

    As a workaround you can add the IP Range object (customizing the ranges), I do agree that this is currently quite a long winded solution, but still a solution for the time being, using Source as an example below:

     

    That said, if you wish, you can raise RFE requests regarding this feature to our Support Team, or via your respective Customer Services representative. 

    Thanks!

  • TT's avatar
    TT
    Comet
    2 months ago

    Will create a RFE for this and hope for the best.