234 MDS Orbit MCR/ECR Technical Manual MDS 05-6632A01, Rev. F
Figure 3-152. Interface's NAT Configuration
The Source dropdown box lists all available source NAT rule lists. Select the new rule list, and click the
Save button in the upper left corner of the screen to apply it to the cellular interface.
Using the CLI
To perform the same procedure with the CLI, first change to configuration mode. The steps needed to
produce the same source NAT rule set and apply it to the cell interface follow.
Enable the firewall service, if it is not already enabled. 1.
% set services firewall enabled true
Create source NAT rule-set named “Example.” 2.
% set services firewall nat source rule-set Example
Create a rule for masquerading. 3.
% set services firewall nat source rule-set Example rule 1 source-nat interface
Apply this source NAT rule-set to the cellular interface. 4.
% set interfaces Cell nat source Example
Commit configuration and exit configuration mode. 5.
% commit
Monitoring
At this time there are no commands to monitor traffic statistics for packets being masqueraded by the
firewall. This feature may be added in future revisions of firmware.
Destination NAT (Port Forwarding) 3.8.10
Destination NAT performs translation of destination IP address (and, optionally, destination port) of the
traffic ingressing an interface. This is typically used to allow a host on the public network (HOST-B) to
access a service running on a host in the private network (HOST-1). This is also called port forwarding.
Figure 3-153 shows the flow of packets being port-forwarded (DNAT’ed) through the MCR unit. For
example, TCP traffic arriving at the cellular interface and getting port forwarded to a private host
connected to the local Ethernet interface.
To Next Page
Loading...
Need help?
General
