TMS zl Management and Configuration Guide ST.1.1.100226
5-20
Network Address Translation
Configuring NAT Policies
7. For Source, do one of the following:
• From the list, select an address object. (See “Named Objects and Their
Uses” in Chapter 4: “Firewall.”)
•Click Options.
i. Select Enter custom IP, IP/mask or IP-Range.
ii. In the space provided, type an IP address in dotted-decimal
format, an IP address with network mask in CIDR format, or an
IP address range.
Examples:
192.168.5.23
172.16.56.100/24
10.1.1.10-10.1.1.50
• Leave the default, Any Address, if you want to perform NAT on traffic
from all devices in the source zone.
8. For Destination, do one of the following:
• From the list, select an address object.
•Click Options.
i. Select Enter custom IP, IP/mask or IP-Range.
ii. In the space provided, type an IP address in dotted-decimal
format, an IP address with network mask in CIDR format, or an
IP address range.
Specify the IP address (or addresses) to which traffic is originally des-
tined. For example, if this policy is intended to allow public access to an
internal server, specify the server’s public IP address.
9. For NAT IP address, type the IP address to which destination addresses are
translated.
You must specify a single IP address that is the actual IP address for the
device to which traffic is destined. For example, if this policy is intended
to allow public access to an internal server, specify the server’s internal
address.
10. Optionally, for NAT Port (Optional), type the port to which you want the
original port to be translated.
Use this option to perform PAT on traffic when your network uses non-
standard ports. (If you are using a non-standard port, you may want to
configure a port map so that the ALGs and IDS/IPS can properly identify
the traffic. See “Port Mapping” in Chapter 4: “Firewall.”) Generally, you
should only specify a NAT port when you have selected a specific service.
11. Optionally, for Insert Position (Optional), type a priority for the policy.