Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
131132133134135136137138139140
132
181BVirtual fragment reassembly configuration example
350BNetwork requirements
As shown in 649HFigure 109, the host accesses the router through the firewall and NAT is enabled on interface
GigabitEthernet 0/1 of the firewall. Enable virtual fragment reassembly for security zone Trust on the
firewall to ensure secure and efficient NAT.
Figure 109 Network diagram
351BConfiguring the host
Configure a static route to the router. (Details not shown.)
352BConfiguring the firewall
1. Configure IP addresses for the interfaces and assign the interfaces to security zones. (Details not
shown.)
2. Configure a static address mapping:
a. Select Firewall > NAT Policy > Static NAT from the navigation tree.
b. Click Add in the Static Address Mapping area.
c. Enter 1.1.1.1 for Internal IP Address and enter 2.2.2.3 for Global IP Address.
d. Click Apply.
Figure 110 Adding a static address mapping
3. Enable static NAT on GigabitEthernet 0/1:
a. Click Add in the Interface Static Translation area.
b. Select interface GigabitEthernet0/1.