HP VPN Firewall Appliances NAT and ALG Configuration Guide

Configuration guidelines

Follow these guidelines when you configure NAT:

• An address pool can contain a maximum of 255 addresses.

• On certain types of devices, an address pool cannot include addresses in other address pools, IP

addresses of interfaces with Easy IP enabled, or public addresses of internal servers.

• Low-priority address pools cannot include addresses in non low-priority address pools, external IP

addresses for one-to-one NAT, and public addresses of internal servers.

• The address pool, dynamic NAT, static NAT, and internal server configurations can be modified

through Web pages. The modification you make takes effect after the former configuration is

removed by the system.

Configuring NAT in the Web interface

Recommended configuration procedure

Configuring dynamic NAT

Task Remarks

Creating an address pool Required for NAPT and NO-PAT modes.

Configuring dynamic NAT on an interface

Required.

Configuring static NAT

Task Remarks

Creating a static address mapping

Required.

Static NAT supports two modes, one-to-one and net-to-net.

Enabling static NAT on an interface Required.

Configuring an internal server

Task Remarks

Configuring an internal server

Required.

After you map the private IP address/port number of an internal

server to a public IP address/port number, hosts in external networks

can access the server located in the private network.

Configuring DNS mapping

Optional.

The DNS mapping feature enables an internal host to use the domain

name to access an internal server located on the same private

network, while the DNS server resides on the public network.