SonicWALL NSA 240 Getting Started Guide Page 53
Configuring NAT Policies
NAT policies allow you to control Network Address Translation
based on matching combinations of Source IP address,
Destination IP address and Destination Services. Policy-based
NAT allows you to deploy different types of NAT simultaneously.
The following NAT configurations are available in SonicOS
Enhanced:
• Many-to-One NAT Policy
• Many-to-Many NAT Policy
• One-to-One NAT Policy for Outbound Traffic
• One-to-One NAT Policy for Inbound Traffic (Reflexive)
• One-to-Many NAT Load Balancing
• Inbound Port Address Translation via One-to-One NAT
Policy
• Inbound Port Address Translation via WAN IP Address
This section describes how to configure a One-to-One NAT
policy. One-to-One is the most common NAT policy used to
route traffic to an internal server, such as a Web Server. Most of
the time, this means that incoming requests from external IPs
are translated from the IP address of the SonicWALL security
appliance WAN port to the IP address of the internal web
server.An example configuration illustrates the use of the fields
in the Add NAT Policy procedure. To add a One-to-One NAT
policy that allows all Internet traffic to be routed through a public
IP address, two policies are needed: one for the outbound
traffic, and one for the inbound traffic.
To add the components of a One-to-One NAT policy, perform
the following steps:
1. Navigate to the Network > NAT Policies page. Click Add.
The Add NAT Policy dialog box displays.
2. For Original Source, select Any.
3. For Translated Source, select Original.
4. For Original Destination, select X0 IP.
5. For Translated Destination, select Create new address
object and create a new address object using WAN for
Zone Assignment and Host for Type.
6. For Original Service, select HTTP.
7. For Translated Service, select Original.
8. For Inbound Interface, select X0.
9. For Outbound Interface, select Any.
10. For Comment, enter a short description.
11. Select the Enable NAT Policy checkbox.
12. Select the Create a reflexive policy checkbox if you want
a matching NAT Policy to be automatically created in the
opposite direction. This will create the outbound as well as
the inbound policies.
13. Click Add
.
Policies for subnets behind the other interfaces of the
SonicWALL security appliance can be created by emulating
these steps. Create a new NAT policy in which you adjust the
source interface and specify the Original Source: the subnet
behind that interface.
To Next Page
Loading...
