Chapter 12 NAT
NXC Series User’s Guide
192
Classification Select what kind of NAT this rule is to perform.
Virtual Server - This makes computers on a private network behind the NXC available to a
public network outside the NXC (like the Internet).
1:1 NAT - If the private network server will initiate sessions to the outside clients, select this to
have the NXC translate the source IP address of the server’s outgoing traffic to the same public
IP address that the outside clients use to access the server.
Many 1:1 NAT - If you have a range of private network servers that will initiate sessions to the
outside clients and a range of public IP addresses, select this to have the NXC translate the
source IP address of each server’s outgoing traffic to the same one of the public IP addresses
that the outside clients use to access the server. The private and public ranges must have the
same number of IP addresses.
One many 1:1 NAT rule works like multiple 1:1 NAT rules, but it eases configuration effort since
you only create one rule.
Mapping Rule
Incoming
Interface
Select the interface on which packets for the NAT rule must be received.
It can be an Ethernet
or VLAN interface.
Original IP Specify the destination IP address of the packets received by this NAT rule’s specified incoming
interface.
any - Select this to use all of the incoming interface’s IP addresses including dynamic
addresses.
User Defined - Select this to manually enter an IP address in the User Defined field. For example,
you could enter a static public IP assigned by the ISP.
Host address - select a host address object to use the IP address it specifies. The list also includes
address objects based on interface IPs. So for example you could select an address object
based on a WAN interface even if it has a dynamic IP address.
User Defined
Original IP
This field is available if Original IP is User Defined. Type the destination IP address that this NAT
rule supports.
Original IP
Subnet/Range
This field displays for Many 1:1 NAT. Select the destination IP address subnet or IP address range
that this NAT rule supports. The original and mapped IP address subnets or ranges must have
the same number of IP addresses.
Mapped IP Select to which translated destination IP address this NAT rule forwards packets.
User Defined - this NAT rule supports a specific IP address, specified in the User Defined field.
HOST address - the drop-down box lists all the HOST address objects in the NXC. If you select
one of them, this NAT rule supports the IP address specified by the address object.
User Defined
Mapped IP
This field is available if Mapped IP is User Defined. Type the translated destination IP address that
this NAT rule supports.
Mapped IP
Subnet/Range
This field displays for Many 1:1 NAT. Select to which translated destination IP address subnet or
IP address range this NAT rule forwards packets. The original and mapped IP address subnets or
ranges must have the same number of IP addresses.
Port Mapping
Type
Use the drop-down list box to select how many original destination ports this NAT rule supports
for the selected destination IP address (Original IP). Choices are:
Any - this NAT rule supports all the destination ports.
Service - this NAT rule supports the destination port(s) used by the specified service(s).
Port - this NAT rule supports one destination port.
Ports - this NAT rule supports a range of destination ports. You might use a range of destination
ports for unknown services or when one server supports more than one service.
This field is read-only and displays any for Many 1:1 NAT.
Table 84 Configuration > Network > NAT > Add/Edit (continued)
LABEL DESCRIPTION
To Next Page
Loading...
