Creating a NAT Policy |
48
Creating a NAT Policy
The Network Address Translation (NAT) engine in SonicOS
allows users to define granular NAT policies for their incoming
and outgoing traffic. By default, the Dell SonicWALL security
appliance has a preconfigured NAT policy to allow all systems
connected to the
LAN
interface to perform Many-to-One NAT
using the IP address of the
WAN
interface, and a policy to not
perform NAT when traffic crosses between the other interfaces.
You can create multiple NAT policies on a Dell SonicWALL
running SonicOS for the same object – for instance, you can
specify that an internal server use one IP address when
accessing Telnet servers, and to use a totally different IP
address for all other protocols. Because the NAT engine in
SonicOS supports inbound port forwarding, it is possible to hide
multiple internal servers off the WAN IP address of the Dell
SonicWALL security appliance. The more granular the NAT
Policy, the more precedence it takes.
Before configuring NAT Policies, you must create all Address
Objects associated with the policy. For instance, if you are
creating a One-to-One NAT policy, first create Address Objects
for your public and private IP addresses.
Address Objects are one of four object classes (Address, User,
Service and Schedule) in SonicOS. These Address Objects
allow for entities to be defined one time, and to be re-used in
multiple referential instances throughout the SonicOS interface.
For example, take an internal Web server with an IP address of
67.115.118.80. Rather than repeatedly typing in the IP address
when constructing Access Rules or NAT Policies, Address
Objects allow you to create a single entity called “My Web
Server” as a Host Address Object with an IP address of
67.115.118.80. This Address Object, “My Web Server”, can then
be easily and efficiently selected from a drop-down menu in any
configuration screen that employs Address Objects as a
defining criterion.
Since there are multiple types of network address expressions,
there are currently the following Address Objects types:
•
Host
— Host Address Objects define a single host by its IP
address.
•
Range
— Range Address Objects define a range of
contiguous IP addresses.
•
Network
— Network Address Objects are like Range objects
in that they comprise multiple hosts, but rather than being
bound by specified upper and lower range delimiters, the
boundaries are defined by a valid netmask.
•
MAC Address
—MAC Address Objects allow for the
identification of a host by its hardware address or MAC (Media
Access Control) address.
•
FQDN Address
—FQDN Address Objects allow for the
identification of a host by its Fully Qualified Domain Names
(FQDN), such as www.sonicwall.com.
Содержание NSA E5500
Страница 1: ...Getting Started Guide Dell SonicWALL E Class NSA Appliances NETWORK SECURITY NSA E5500 ...
Страница 17: ......
Страница 64: ...M5 SCREW 8 M5 Nut 8 Assemble the Slide Rail Fasten two sided screws to the rail 2 C C ...
Страница 65: ...Assemble Inner Rail to Chassis Fasten 6 screws to attach the inner channel onto the chassis M4 SCREW 6 3 D D ...
Страница 66: ...Insert Chassis to Frame 4 Push hook down to separate Slide inner channel into rails ...
Страница 67: ......
Страница 74: ......