SonicWALL NSA E6500 Getting Started Guide
Page 47
6.
Click
OK
.
Configuring NAT Policies
NAT policies allow you to control Network Address Translation
based on matching combinations of Source IP address,
Destination IP address and Destination Services. Policy-based
NAT allows you to deploy different types of NAT simultaneously.
The following NAT configurations are available in SonicOS
Enhanced:
•
Many-to-One NAT Policy
•
Many-to-Many NAT Policy
•
One-to-One NAT Policy for Outbound Traffic
•
One-to-One NAT Policy for Inbound Traffic (Reflexive)
•
One-to-Many NAT Load Balancing
•
Inbound Port Address Translation via One-to-One NAT
Policy
•
Inbound Port Address Translation via WAN IP Address
This section describes how to configure a One-to-One NAT
policy. One-to-One is the most common NAT policy used to
route traffic to an internal server, such as a Web Server. Most of
the time, this means that incoming requests from external IPs
are translated from the IP address of the SonicWALL security
appliance WAN port to the IP address of the internal web
server.
For other NAT configurations, see the
SonicOS Enhanced
Administrator’s Guide
.
An example configuration illustrates the use of the fields in the
Add NAT Policy procedure. To add a One-to-One NAT policy
that allows all Internet traffic to be routed through a public IP
address, two policies are needed: one for the outbound traffic,
and one for the inbound traffic. To add both parts of a One-to-
One NAT policy, perform the following steps:
1.
Navigate to the
Network
>
NAT
Policies page. Click
Add
.
The
Add NAT Policy
dialog box displays.
2.
For
Original Source
, select
Any
.
3.
For
Translated Source
, select
Original
.
4.
For
Original Destination
, select
X0 IP
.
5.
For
Translated Destination
, select
Create new address
object
and create a new address object using
WAN
for
Zone Assignment and
Host
for Type.
6.
For
Original Service
, select
HTTP
.
7.
For
Translated Service,
select
Original
.
8.
For
Inbound Interface
, select
X0
.
9.
For
Outbound Interface
, select
Any
.
10. For
Comment
, enter a short description.
11. Select the
Enable NAT Policy
checkbox.
12. Select the
Create a reflexive policy
checkbox if you want
a matching NAT Policy to be automatically created in the
opposite direction. This will create the outbound as well as
the inbound policies.
Click
OK
NSA_E6500_GSG.book Page 47 Wednesday, June 17, 2009 7:16 PM
Содержание NSA E6500
Страница 55: ...Page 54 Deployment Configuration Reference Checklist NSA_E6500_GSG book Page 54 Wednesday June 17 2009 7 16 PM ...
Страница 62: ...SonicWALL NSA E6500 Getting Started Guide Page 61 NSA_E6500_GSG book Page 61 Wednesday June 17 2009 7 16 PM ...
Страница 63: ...Page 62 SonicWALL Live Product Demos NSA_E6500_GSG book Page 62 Wednesday June 17 2009 7 16 PM ...
Страница 69: ...Page 68 Rack Mounting Instructions NSA_E6500_GSG book Page 68 Wednesday June 17 2009 7 16 PM ...
Страница 75: ...Page 74 Notes NSA_E6500_GSG book Page 74 Wednesday June 17 2009 7 16 PM ...
Страница 77: ...Page 76 Notes NSA_E6500_GSG book Page 76 Wednesday June 17 2009 7 16 PM ...