From what i understand Meraki support inbound NAT only (from external to internal) ?

Is that correct ?

Thanks

Yes, this is correct.

I was confused because the question was about inside-out NAT and outside-in 1:1 NAT.

They are not the same thing.

If you define a 1:1 NAT for inbound access - the MX also uses that same 1:1 NAT for all outbound access as well.

It is a "special exception".  I'm not sure it is even documented.

That's called a makeshift solution. 🤣

@PhilipDAth , I was thinking, it's fine to work that way, but in this case, he's opening a security vulnerability.

Exposing your host to the internet these days opens a very large vulnerability for a potential attacker.

He's taking the risk, but I personally have to disagree with that approach.

This business of working at any cost isn't my style; I prefer to assess the viability first and look at other options that offer less security risk.

This kind of thing bothers me a bit in the community—giving a solution, but it's not always the best or safest one.

I also make mistakes, but security is not something to be ignored.

When you create a 1:1 NAT it defaults to blocking all inbound access - it effectively acts solely as an outbound NAT.