Setting up One-to-One NAT
119
LAN
The IP Address and Subnet on the Firewall’s LAN port are shown at the
top of the window. See “Specifying the LAN Settings” on page 57 to
change these settings.
DMZ/WAN
The IP addresses of the DMZ, if appropriate, and WAN ports are shown.
These differ from that of the LAN port if NAT is enabled. See “Specifying
the WAN/DMZ Settings” on page 58 to change these settings.
Add Route
Type the destination network of the router in the
Dest. Network
box, and
the IP address of the router as it appears on Firewall’s subnet in the
Gateway
box. From the Link drop-down list, select the port on the
Firewall,
LAN
or
WAN
, that the router is connected to. You may have to
check the configuration of the LAN routers in order to find this
information.
Click
Update
to send the configuration data to the Firewall.
Setting up
One-to-One NAT
One-to-One NAT creates a relationship which maps valid external
addresses to internal addresses hidden by NAT. Machines with an internal
address may be accessed at the corresponding external valid IP address.
To create this relationship between internal and external addresses,
define internal and external address ranges of equal length. Once you
have defined that relationship, the machine with the first internal address
is accessible at the first IP address in the external address range, the
second machine at the second external IP address, and so on.
Consider a LAN for which the ISP has assigned the IP address range from
209.19.28.16
to
209.19.28.31
, with
209.19.28.16
used as the NAT
Public Address. You have configured the address range of
192.168.1.1
to
192.168.1.255
to be used for the machines on the LAN. Typically, only
machines that have been designated as Public LAN Servers are accessible
from the Internet. However, with One-to-One NAT, the machines with the
internal IP addresses of
192.168.1.2
to
192.168.1.16
can be made
accessible at the corresponding external IP address, as shown in Table 4.
DUA1611-0AAA02.book Page 119 Thursday, August 2, 2001 4:01 PM
Содержание 3C16111 - SuperStack 3 Firewall Web Site Filter
Страница 18: ...18 DUA1611 0AAA02 book Page 18 Thursday August 2 2001 4 01 PM ...
Страница 50: ...50 DUA1611 0AAA02 book Page 50 Thursday August 2 2001 4 01 PM ...
Страница 96: ...96 CHAPTER 6 USING THE FIREWALL DIAGNOSTIC TOOLS DUA1611 0AAA02 book Page 96 Thursday August 2 2001 4 01 PM ...
Страница 122: ...122 CHAPTER 8 ADVANCED SETTINGS DUA1611 0AAA02 book Page 122 Thursday August 2 2001 4 01 PM ...
Страница 150: ...150 CHAPTER 10 CONFIGURING HIGH AVAILABILITY DUA1611 0AAA02 book Page 150 Thursday August 2 2001 4 01 PM ...
Страница 152: ...152 DUA1611 0AAA02 book Page 152 Thursday August 2 2001 4 01 PM ...
Страница 166: ...166 CHAPTER 11 ADMINISTRATION AND ADVANCED OPERATIONS DUA1611 0AAA02 book Page 166 Thursday August 2 2001 4 01 PM ...
Страница 174: ...174 DUA1611 0AAA02 book Page 174 Thursday August 2 2001 4 01 PM ...
Страница 178: ...178 CHAPTER 13 TYPES OF ATTACK AND FIREWALL DEFENCES DUA1611 0AAA02 book Page 178 Thursday August 2 2001 4 01 PM ...
Страница 190: ...190 CHAPTER 14 NETWORKING CONCEPTS DUA1611 0AAA02 book Page 190 Thursday August 2 2001 4 01 PM ...
Страница 192: ...192 DUA1611 0AAA02 book Page 192 Thursday August 2 2001 4 01 PM ...
Страница 206: ...206 APPENDIX D TECHNICAL SUPPORT DUA1611 0AAA02 book Page 206 Thursday August 2 2001 4 01 PM ...
Страница 212: ...212 INDEX DUA1611 0AAA02 book Page 212 Thursday August 2 2001 4 01 PM ...
Страница 214: ...DUA1611 0AAA02 book Page 214 Thursday August 2 2001 4 01 PM ...