5 - 126 WiNG 5.5 Access Point System Reference Guide
The NAT Pool tab displays by default. The NAT Pool tab lists those NAT policies created thus far. Any of these policies can
be selected and applied to the access point profile.
5. Select Add to create a new NAT policy that can be applied to a profile. Select Edit to modify the attributes of a existing
policy or select Delete to remove obsolete NAT policies from the list of those available to a profile.
Figure 5-76 Profile Security - NAT Pool tab - NAT Pool field
6. If adding a new NAT policy or editing the configuration of an existing policy, define the following parameters:
7. Select the + Add Row button to append additional rows to the IP Address Range table.
8. Select OK to save the changes made to the profile’s NAT Pool configuration. Select Reset to revert to the last saved
configuration.
9. Select the Static NAT tab. The Source tab displays by default.
The Source tab displays by default and lists existing static NAT configurations. Existing static NAT configurations are not
editable, but new configurations can be added or existing ones deleted as they become obsolete.
Static NAT creates a permanent, one-to-one mapping between an address on an internal network and a perimeter or
external network. To share a Web server on a perimeter interface with the Internet, use static address translation to map
the actual address to a registered IP address. Static address translation hides the actual address of the server from users
on insecure interfaces. Casual access by unauthorized users becomes much more difficult. Static NAT requires a dedicated
address on the outside network for each host.
Name If adding a new NAT policy, provide a name to help distinguish it from others with similar
configurations. The length cannot exceed 64 characters.
IP Address Range Define a range of IP addresses that are hidden from the public Internet. NAT modifies network
address information in the defined IP range while in transit across a traffic routing device. NAT
only provides IP address translation and does not provide a firewall. A branch deployment with
NAT by itself will not block traffic from being potentially routed through a NAT device.
Consequently, NAT should be deployed with a stateful firewall.
To Next Page
Loading...
