Manualshelf

HP VPN Firewall Appliances Access Control Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
131132133134135136137138139140
128
Virtual fragment reassembly configuration example
Network requirements
As shown in Figure 101, the host accesses the router through the firewall and NAT is enabled on interface
GigabitEthernet 0/1 of the firewall. Enable virtual fragment reassembly for security zone Trust on the
firewall to ensure secure and efficient NAT.
Figure 101 Network diagram
Configuring the host
Configure a static route to the router. (Details not shown.)
Configuring the firewall
1. Configure IP addresses for the interfaces and assign the interfaces to security zones. (Details not
shown.)
2. Configure a static address mapping:
a. Select Firewall > NAT Policy > Static NAT from the navigation tree.
b. Click Add in the Static Address Mapping area.
c. Enter 1.1.1.1 for Internal IP Address and enter 2.2.2.3 for Global IP Address.
d. Click Apply.
Figure 102 Adding a static address mapping
3. Enable static NAT on GigabitEthernet 0/1:
a. Click Add in the Interface Static Translation area.
b. Select interface GigabitEthernet0/1.
c. Click Apply.