Manualshelf

HP VPN Firewall Appliances NAT and ALG Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
11121314151617181920
9
Item Descri
tion
Address Transfer
Select an address translation mode:
PATRefers to NAPT. In this mode, associating an ACL with an address pool
translates both IP addresses and port numbers.
No-PATRefers to many-to-many NAT. In this mode, associating an ACL with an
address pool translates only IP addresses.
Easy IPIn this mode, the NAT gateway directly uses an interface's public IP
address as the translated IP address, and uses an ACL to match IP packets.
Only one mode can be selected for an address pool.
Address Pool Index
Specify the index of a NAT address pool for dynamic NAT.
The NAT address pool must have been configured through NAT address
configuration.
If Easy IP is selected for Address Transfer, you do not need to enter an address pool
index.
Global VPN Instance
Specify the name of the instance to which the external IP addresses (that is, the NAT
address pool) belong.
Enable track to VRRP
Configure whether to associate dynamic NAT on an interface with a VRRP group,
and specify the VRRP group to be associated if you associate dynamic NAT on an
interface with a VRRP group.
When two network devices implement both stateful failover and dynamic NAT,
Make sure each address pool on an interface is associated with one VRRP group
only. Otherwise, the system associates the address pool with the VRRP group
having the highest group ID.
To ensure normal switchovers between the two devices, you must add the devices
to the same VRRP group, and associate dynamic NAT with the VRRP group.
VRRP Group
Port Preserved Configure whether to preserve port information during address translation.
Creating a static address mapping
1. From the navigation tree, select Firewall > NAT Policy > Static NAT.