Figure 7.3. Automatic Address Translation
Automatic translation is enabled by choosing the
Auto
option for source address translation and
this is selected by default in an
IP Policy
object. NetDefendOS will then decide which, if any,
translation to perform by applying the rules summarized in the table below.
# Type of Source IP
Type of Destination IP
Action Taken
1 Public
Private or Public
Allow with no translation.
2 Private
Public
NAT using the destination interface's IP.
3 Private
Private
and
Destination Translation
= SAT
and
Source Network
contains the SAT IP.
NAT using the destination interface's IP.
4 Private
Private
and the previous action didn't trigger.
Allow with no translation.
A more detailed explanation of the automatic translation rules summarized above is as follows:
•
If the connection's source IP address is a public address:
NetDefendOS will
Allow
traffic from the source address to the destination address.
•
If the connection's source IP address is a private address:
i.
If the destination address is a public IP address, NetDefendOS will NAT the source
address through the IP address of the destination interface.
ii.
If the
Destination Translation
is set to
SAT
and the
Source Network
contains the
SAT
Destination
IP address, NetDefendOS will NAT the private source address through the IP
address of the destination interface. (This allows, for example, a protected webserver to
be accessed by internal clients.)
Or if the above is not the case and the destination address is a private IP address,
NetDefendOS will
Allow
the traffic from the private source address to the private
destination address.
Chapter 7: Address Translation
581
Summary of Contents for NetDefendOS
Page 30: ...Figure 1 3 Packet Flow Schematic Part III Chapter 1 NetDefendOS Overview 30 ...
Page 32: ...Chapter 1 NetDefendOS Overview 32 ...
Page 144: ...Chapter 2 Management and Maintenance 144 ...
Page 284: ...Chapter 3 Fundamentals 284 ...
Page 392: ...Chapter 4 Routing 392 ...
Page 419: ... Host 2001 DB8 1 MAC 00 90 12 13 14 15 5 Click OK Chapter 5 DHCP Services 419 ...
Page 420: ...Chapter 5 DHCP Services 420 ...
Page 573: ...Chapter 6 Security Mechanisms 573 ...
Page 607: ...Chapter 7 Address Translation 607 ...
Page 666: ...Chapter 8 User Authentication 666 ...
Page 775: ...Chapter 9 VPN 775 ...
Page 819: ...Chapter 10 Traffic Management 819 ...
Page 842: ...Chapter 11 High Availability 842 ...
Page 866: ...Default Enabled Chapter 13 Advanced Settings 866 ...
Page 879: ...Chapter 13 Advanced Settings 879 ...