TMS zl Management and Configuration Guide ST.1.1.100430

Network Address Translation
Configuring NAT Policies
Table 5-9. Firewall Access Policy for Source NAT

Parameter                 Source NAT Policy               Firewall Access Policy
From                      Internal                        Internal
To                        Zone4                           Zone4
Service                   Any Service                     Any Service
Source Address(es)        172.16.45.0/24                  172.16.45.0/24
Destination Address(es)   10.1.154.101-10.1.154.254       10.1.154.101-10.1.154.254
NAT IP Address(es)        192.168.154.1-192.168.154.100   n/a

Destination NAT
To allow traffic to which destination NAT will be applied, you must create a
firewall access policy from the source zone to the Self zone that permits traffic
from authorized source IP addresses to the destination IP address (or
addresses). Remember: the destination IP address is the public address to
which the traffic is originally destined. Once the packet passes through the
firewall, the destination IP address is translated into the private IP address,
and the packet is sent.
Figure 5-10. Flow of Packets with Destination NAT Through the TMS zl Module
Figure 5-10 illustrates the destination NAT policy that is shown in the first
column of Table 5-10. Notice that the source and destination zones, the
services, and the source and destination addresses are the same in the NAT
and firewall access policies.
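
An offline consistency check for the destination NAT requirement described above, added here as an example (it is not taken from the guide and is not TMS zl CLI syntax). The policy records, the zone name External, the service names and all addresses are constructed assumptions. It flags destination NAT policies whose firewall access policy is missing or is written against the translated private address instead of the public one.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class AccessPolicy:          # hypothetical model, not TMS zl syntax
    from_zone: str
    to_zone: str
    service: str
    sources: str             # CIDR of permitted source addresses
    destination: str         # single destination IP address
    action: str = "permit"

@dataclass(frozen=True)
class DestinationNat:        # hypothetical model, not TMS zl syntax
    from_zone: str
    service: str
    sources: str             # CIDR of source addresses
    public_ip: str           # address the traffic is originally destined to
    private_ip: str          # address applied after the firewall check

def covers(policy, nat):
    """True if policy permits the pre-translation traffic of nat."""
    return (policy.action == "permit"
            and policy.from_zone == nat.from_zone
            and policy.to_zone == "Self"
            and policy.service in ("Any Service", nat.service)
            and ip_network(nat.sources).subnet_of(ip_network(policy.sources))
            and ip_address(policy.destination) == ip_address(nat.public_ip))

def audit(nat_policies, access_policies):
    """Return (nat, reason) for each destination NAT policy no access policy covers."""
    findings = []
    for nat in nat_policies:
        if not any(covers(p, nat) for p in access_policies):
            private = any(p.from_zone == nat.from_zone and
                          p.destination == nat.private_ip for p in access_policies)
            findings.append((nat, "access policy uses the translated private address"
                             if private else "no access policy to the Self zone"))
    return findings

# Constructed sample data: documentation address ranges, assumed zone "External".
NATS = [
    DestinationNat("External", "HTTP", "198.51.100.0/24", "203.0.113.10", "10.1.1.10"),
    DestinationNat("External", "SMTP", "198.51.100.0/24", "203.0.113.25", "10.1.1.25"),
    DestinationNat("External", "DNS", "198.51.100.0/24", "203.0.113.53", "10.1.1.53"),
]
ACCESS = [
    AccessPolicy("External", "Self", "HTTP", "198.51.100.0/24", "203.0.113.10"),
    AccessPolicy("External", "Internal", "SMTP", "198.51.100.0/24", "10.1.1.25"),
]
```

Calling audit(NATS, ACCESS) on the sample data reports the SMTP and DNS policies and leaves the HTTP policy, which has a matching access policy to the Self zone, unreported.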