Black Box LR1112A-T1/E1 Manual De Usuario
Black Box LR11xx Series Router Configurations Guide
88
13.1.3Port Address Translation (Many to one)
Figure 27 Mapping Multiple NAT Addresses to One Public IP Address
NAT allows multiple IP addresses to be mapped to one address.
There are two methods to configure Port Address Translation (PAT) on the Black Box gateway. In the first method, specify the
IP address to the
IP address to the
nat-ip
parameter in the
policy
command. In the second method, create a pool of type PAT and then
attach it to the policy.
In PAT, multiple hosts can share the same IP address.
The PAT configuration shown in Figure 27 includes:
Private network address: 10.1.1.1—10.1.1.3
PAT address: 50.1.1.5
Method:1 – Specifying NAT address with the policy command
To configure this method of PAT, add the policy with the source IP address range, then specify the
nat-ip
address in the
policy
command.
Blackbox/configure> firewall corp
Blackbox/configure/firewall corp> policy 2 out address 10.1.1.1 10.1.1.3 any any nat-ip
50.1.1.5
Blackbox/configure/firewall corp/policy 2 out>
exit 2
Blackbox/configure>
Method:2 – Attaching nat pool to the policy
To configure the second type of NAT, create a NAT pool with type
pat
and specify the IP address. Then add the policy with
the source IP address range. Finally, attach the NAT pool to the policy.
Blackbox/configure> firewall corp
Blackbox/configure/firewall corp> object
Blackbox/configure/firewall corp/object> nat-pool addresspoolPat pat 50.1.1.5
Blackbox/configure/firewall corp/object> exit
Blackbox/configure/firewall corp> policy 2 out address 10.1.1.1 10.1.1.3 any any
Blackbox/configure/firewall corp/policy 2 out> apply-object nat-pool addresspoolPat
Blackbox/configure/firewall corp/policy 2 out> exit 2
Blackbox/configure>
OPAL
50.1.1.5
INTERNET
10.1.1.3
10.1.1.2
10.1.1.1