Roles and Policies
15.1 Firewall Policies
SCALANCE W1750D UI
Configuration Manual, 02/2018, C79000-G8976-C451-02
249
Configuring a Destination-NAT Access Rule
SCALANCE W supports configuration of the destination-NAT rule, which can be used to
redirect traffic to the specified IP address and destination port. The destination-NAT
configuration is supported only in the bridge mode without VPN.
You can configure a destination-NAT access rule by using the SCALANCE W UI or the CLI.
In the SCALANCE W UI
To configure a destination-NAT access rule:
1.
Navigate to the WLAN wizard or the Wired settings window:
–
To configure access rules for a WLAN SSID, in the Network tab, click New to create a
new network profile or click edit to modify an existing profile.
–
To configure access rules for a wired profile, More > Wired. In the Wired window, click
New under Wired Networks to create a new network or click Edit to select an existing
profile.
2.
Click the Access tab and perform any of the following steps:
–
To configure access rules for the network, move the slider to the Network-based
access control type.
–
To configure access rules for user roles, move the slider to the Role-based access
control type.
3.
To create a new rule for the network, click New. To create an access rule for a user role,
select the user role and then click New. The New Rule window is displayed.
4.
In the New Rule window, perform the following steps:
–
Select Access control from the Rule type drop-down list.
–
Select destination-NAT from the Action drop-down list, to allow for making changes to
the source IP address.
–
Specify the IP address and port details.
–
Select a service from the list of available services.
–
Select the required option from the Destination drop-down list.
–
If required, enable other parameters such as Log, Blacklist, Classify media, Disable
scanning, DSCP tag, and 802.1p priority.
–
Click OK.
5.
Click Finish.
In the CLI
To configure destination-NAT access rule:
(scalance)(config)# wlan access-rule <access_rule>
(scalance)(Access Rule "<access_rule>")# rule <dest> <mask> <match> <protocol>
<sport> <eport> dst-nat ip <IP-address> [<port>] (scalance)(Access Rule
"<access_rule>")# end (scalance)# commit apply
Содержание SCALANCE W1750D UI
Страница 18: ...About this guide SCALANCE W1750D UI 18 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 28: ...About SCALANCE W 3 3 SCALANCE W CLI SCALANCE W1750D UI 28 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 108: ...IPv6 Support 10 4 Debugging Commands SCALANCE W1750D UI 108 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 326: ......
Страница 356: ......
Страница 374: ......
Страница 416: ......
Страница 440: ......
Страница 450: ...Intrusion Detection 27 4 Configuring IDS SCALANCE W1750D UI 450 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 470: ......
Страница 480: ......
Страница 496: ......
Страница 518: ...Hotspot Profiles 33 3 Sample Configuration SCALANCE W1750D UI 518 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 528: ......
Страница 552: ......
Страница 570: ...Appendix B 3 Glossary SCALANCE W1750D UI 570 Configuration Manual 02 2018 C79000 G8976 C451 02 ...