User manual
• Source Interface:any
• Source Network: all-nets
• Destination Interface: wan
• Destination Network: wwwsrv_pub
4. Click OK
7.3.3. All-to-One Mappings (N:1)
NetDefendOS can be used to translate ranges and/or groups into just one IP address.
# Action Src Iface Src Net Dest Iface Dest Net Parameters
1 SAT any all-nets wan 194.1.2.16-194.1.2.20,
194.1.2.30
http SETDEST all-to-one
192.168.0.50 80
This rule produces a N:1 translation of all addresses in the group (the range 194.1.2.16 - 194.1.2.20
and 194.1.2.30) to the IP 192.168.0.50.
• Attempts to communicate with 194.1.2.16, port 80, will result in a connection to 192.168.0.50
• Attempts to communicate with 194.1.2.30, port 80, will result in a connection to 192.168.0.50
Note
When all-nets is the destination, All-to-One mapping is always done.
7.3.4. Port Translation
Port Translation, also known as Port Address Translation (PAT), can be used to modify the source
or destination port.
# Action Src Iface Src Net Dest Iface Dest Net Parameters
1 SAT any all-nets wan wwwsrv_pub TCP 80-85 SETDEST 192.168.0.50 1080
This rule produces a 1:1 translation of all ports in the range 80 - 85 to the range 1080 - 1085.
• Attempts to communicate with the web servers public address, port 80, will result in a
connection to the web servers private address, port 1080.
• Attempts to communicate with the web servers public address, port 84, will result in a
connection to the web servers private address, port 1084.
Note
In order to create a SAT Rule that allows port translation, a Custom Service must be
used with the SAT Rule.
7.3.5. Protocols handled by SAT
Generally, static address translation can handle all protocols that allow address translation to take
place. However, there are protocols that can only be translated in special cases, and other protocols
that simply cannot be translated at all.
7.3.3. All-to-One Mappings (N:1) Chapter 7. Address Translation
297