SonicWALL E6500 Manuale Utente
SonicWALL NSA E6500 Getting Started Guide
Page 47
6.
Click OK.
Configuring NAT Policies
NAT policies allow you to control Network Address Translation
based on matching combinations of Source IP address,
Destination IP address and Destination Services. Policy-based
NAT allows you to deploy different types of NAT simultaneously.
The following NAT configurations are available in SonicOS
Enhanced:
based on matching combinations of Source IP address,
Destination IP address and Destination Services. Policy-based
NAT allows you to deploy different types of NAT simultaneously.
The following NAT configurations are available in SonicOS
Enhanced:
•
Many-to-One NAT Policy
•
Many-to-Many NAT Policy
•
One-to-One NAT Policy for Outbound Traffic
•
One-to-One NAT Policy for Inbound Traffic (Reflexive)
•
One-to-Many NAT Load Balancing
•
Inbound Port Address Translation via One-to-One NAT
Policy
Policy
•
Inbound Port Address Translation via WAN IP Address
This section describes how to configure a One-to-One NAT
policy. One-to-One is the most common NAT policy used to
route traffic to an internal server, such as a Web Server. Most of
the time, this means that incoming requests from external IPs
are translated from the IP address of the SonicWALL security
appliance WAN port to the IP address of the internal web
server.
policy. One-to-One is the most common NAT policy used to
route traffic to an internal server, such as a Web Server. Most of
the time, this means that incoming requests from external IPs
are translated from the IP address of the SonicWALL security
appliance WAN port to the IP address of the internal web
server.
For other NAT configurations, see the SonicOS Enhanced
Administrator’s Guide.
Administrator’s Guide.
An example configuration illustrates the use of the fields in the
Add NAT Policy procedure. To add a One-to-One NAT policy
that allows all Internet traffic to be routed through a public IP
address, two policies are needed: one for the outbound traffic,
and one for the inbound traffic. To add both parts of a One-to-
One NAT policy, perform the following steps:
1.
Add NAT Policy procedure. To add a One-to-One NAT policy
that allows all Internet traffic to be routed through a public IP
address, two policies are needed: one for the outbound traffic,
and one for the inbound traffic. To add both parts of a One-to-
One NAT policy, perform the following steps:
1.
Navigate to the Network > NAT Policies page. Click Add.
The Add NAT Policy dialog box displays.
2.
For Original Source, select Any.
3.
For Translated Source, select Original.
4.
For Original Destination, select X0 IP.
5.
For Translated Destination, select Create new address
object and create a new address object using WAN for
Zone Assignment and Host for Type.
6.
For Original Service, select HTTP.
7.
For Translated Service, select Original.
8.
For Inbound Interface, select X0.
9.
For Outbound Interface, select Any.
10. For Comment, enter a short description.
11. Select the Enable NAT Policy checkbox.
12. Select the Create a reflexive policy checkbox if you want
11. Select the Enable NAT Policy checkbox.
12. Select the Create a reflexive policy checkbox if you want
a matching NAT Policy to be automatically created in the
opposite direction. This will create the outbound as well as
the inbound policies.
Click OK
NSA_E6500_GSG.book Page 47 Wednesday, June 17, 2009 7:16 PM