TMS zl Management and Configuration Guide ST.1.0.090213

Network Address Translation
NAT Operations
Exclusion NAT
You can use this NAT type to exclude specific traffic from being translated,
according to the following parameters:
- Source and destination zone
- Service
- Source and destination addresses
Use exclusion NAT if you have an existing source or destination NAT policy,
but you want to exclude a subset of those addresses or services from
translation. For example, if you configure a policy to translate all traffic
from subnet 10.1.1.0/24 to the External zone, you could configure an exclusion
policy to exclude HTTPS traffic. In this case, all traffic from 10.1.1.0/24 to
External will be translated, except HTTPS traffic.
It can also be useful to configure an exclusion NAT policy to prevent traffic
that should be sent over a VPN tunnel from having NAT performed on it before
it is selected and encapsulated for the tunnel.
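The following Python model is an added example, not TMS zl code or CLI syntax. It evaluates the two cases above, the HTTPS exclusion and the VPN exclusion, against a constructed policy set. The zone name Internal, the NAT address 192.0.2.10, the remote subnet 10.2.0.0/16, the rule that a matching exclusion overrides any translating policy, and the tunnel selector matching on post-NAT addresses are all assumptions of the model.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    src_zone: str
    dst_zone: str
    service: str
    src: str
    dst: str

@dataclass(frozen=True)
class NatPolicy:
    kind: str                      # "source" or "exclusion"
    src_zone: str
    dst_zone: str
    service: str = "any"
    src_net: str = "0.0.0.0/0"
    dst_net: str = "0.0.0.0/0"
    nat_ip: str = ""               # used only by "source" policies

    def matches(self, f: Flow) -> bool:
        # A policy matches on zones, service and both address ranges.
        return (self.src_zone == f.src_zone and self.dst_zone == f.dst_zone
                and self.service in ("any", f.service)
                and ipaddress.ip_address(f.src) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(f.dst) in ipaddress.ip_network(self.dst_net))

def translate(policies, flow):
    """Return the source address the packet carries after NAT evaluation."""
    # Model assumption: a matching exclusion wins over any translating policy.
    if any(p.kind == "exclusion" and p.matches(flow) for p in policies):
        return flow.src
    for p in policies:
        if p.kind == "source" and p.matches(flow):
            return p.nat_ip
    return flow.src

def enters_tunnel(policies, flow, local_net, remote_net):
    """True if the post-NAT packet still matches the tunnel's traffic selector."""
    src = ipaddress.ip_address(translate(policies, flow))
    return (src in ipaddress.ip_network(local_net)
            and ipaddress.ip_address(flow.dst) in ipaddress.ip_network(remote_net))

# Constructed policy set: translate 10.1.1.0/24 to External, except HTTPS and VPN-bound traffic.
POLICIES = [
    NatPolicy("source", "Internal", "External", src_net="10.1.1.0/24", nat_ip="192.0.2.10"),
    NatPolicy("exclusion", "Internal", "External", service="https", src_net="10.1.1.0/24"),
    NatPolicy("exclusion", "Internal", "External", src_net="10.1.1.0/24", dst_net="10.2.0.0/16"),
]
```

Dropping the third policy shows the failure the VPN exclusion prevents: the source is rewritten to 192.0.2.10 and no longer matches the tunnel selector for 10.1.1.0/24.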
Packet Flow
The core component of the TMS zl Module is the firewall, which controls the
packet flow through the other components of the TMS zl Module, including
NAT. Figure 5-3 shows the overall packet flow of NAT operation.