Manualshelf

HP VPN Firewall Appliances NAT and ALG Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
51525354555657585960
47
NAT444
The device does not support stateful failover of the NAT444 feature.
NAT444 can be configured only at the CLI.
Feature and hardware compatibility
Hardware NAT444
com
p
atibilit
y
F1000-A-EI/F1000-S-EI No
F1000-E No
F5000 No
F5000-S/F5000-C No
VPN firewall modules Yes
20-Gbps VPN firewall modules Yes
Overview
NAT444 translates an IPv4 address to another IPv4 address to a third IPv4 address. Compared to
transition technologies like DS-Lite, NAT64, 6RD, and dual stack, it costs less on the accessing devices
and services by only doubling the NAT at the carrier grade.
Features
Assigning port blocks
NAT444 applies to the scenario where multiple users use a public address for accessing services and
solves the user tracing problem by assigning port blocks.
As shown in Figure 34, af
ter NAT444 tr
anslation, internal users at 10.1.1.1 and 10.1.1.2 use the same
public address but different port numbers for accessing Internet services.