TMS zl Management and Configuration Guide ST.1.0.090213
5-6
Network Address Translation
NAT Operations
Table 5-3. Many-to-Many Source NAT
Note: To prevent packets from being dropped, you can create three many-to-one
policies, one for each NAT address, each specifying a different set of source
addresses. Therefore, every endpoint that requests a connection will receive
one of the NAT addresses. Do not create these policies, however, if it is crucial
that source port numbers never be translated. (See “Limited NAT Pool” on
page 5-35.)
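The trade-off in the note above, as an added example (not from the guide, and not the TMS zl Module's own allocation algorithm): a simplified Python model that runs the Table 5-3 flows through a many-to-many pool and through three many-to-one policies. The policy source ranges, the sixth flow, and the next-free-port rule are assumptions made for illustration.

```python
from ipaddress import ip_address

# NAT addresses and the first five flows are the values shown in Table 5-3;
# the sixth flow is constructed to force a source-port collision.
POOL = ["192.168.5.22", "192.168.5.23", "192.168.5.24"]
FLOWS = [("10.1.1.10", 50055), ("10.1.1.11", 50056), ("10.1.1.12", 50057),
         ("10.1.1.13", 50058), ("10.1.1.14", 50059), ("10.1.1.15", 50059)]

# Assumed source ranges: one many-to-one policy per NAT address.
POLICIES = [("10.1.1.10", "10.1.1.11", POOL[0]),
            ("10.1.1.12", "10.1.1.13", POOL[1]),
            ("10.1.1.14", "10.1.1.20", POOL[2])]


def many_to_many(flows, pool):
    """Each source IP holds one pool address; ports are never translated."""
    free, bound, out = list(pool), {}, []
    for src, port in flows:
        if src not in bound:
            if not free:               # pool exhausted: packet is dropped
                out.append(None)
                continue
            bound[src] = free.pop(0)
        out.append((bound[src], port))
    return out


def many_to_one(flows, policies):
    """Sources share their policy's address; a port collision is re-mapped."""
    used, out = set(), []
    for src, port in flows:
        nat = next((n for lo, hi, n in policies
                    if ip_address(lo) <= ip_address(src) <= ip_address(hi)), None)
        if nat is None:                # no policy matches this source
            out.append(None)
            continue
        while (nat, port) in used:     # simplified rule: take the next free port
            port += 1
        used.add((nat, port))
        out.append((nat, port))
    return out


if __name__ == "__main__":
    for flow, a, b in zip(FLOWS, many_to_many(FLOWS, POOL),
                          many_to_one(FLOWS, POLICIES)):
        print(flow, "many-to-many:", a or "dropped", "| many-to-one:", b or "dropped")
```

With the many-to-one policies no flow is dropped, but the constructed sixth flow leaves with source port 50060 instead of 50059, which is the port translation the note cautions about.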
Destination NAT
With destination NAT, the TMS zl Module translates the destination IP address
of a packet to a new IP address. Typically, destination NAT is configured to
allow external devices to use a public IP address to access services in an
internal network.
Figure 5-2. Destination NAT
Note: For the sake of simplicity, the explanations of destination NAT will refer to
public and private IP addresses. You might choose to apply NAT between two
network segments, neither of which you define as public or private. (Note also
that all IP addresses used in the examples, whether labelled “public” or
“private,” are technically private IP addresses. They are used only to illustrate
the examples.)
Before NAT                             After NAT
SA1        SP1    DA1            DP1   SA2           SP2      DA2            DP2
10.1.1.10  50055  172.16.122.63  80    192.168.5.22  50055    172.16.122.63  80
10.1.1.11  50056  192.168.2.77   21    192.168.5.23  50056    192.168.2.77   21
10.1.1.12  50057  172.16.222.8   88    192.168.5.24  50057    172.16.222.8   88
10.1.1.13  50058  192.168.2.75   53    dropped       dropped  dropped        dropped
10.1.1.14  50059  172.16.53.78   69    dropped       dropped  dropped        dropped