Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100430

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
471472473474475476477478479480
5-38
Network Address Translation
NAT Examples
l. Click Apply.
m. Click Close.
n. Click Save.
You could also create a more general firewall access policy. This might allow
you to create fewer firewall access policies overall because more than one of
the NAT policies would be covered by a single firewall access policy.
Destination NAT
This section includes one example of a destination NAT configuration.
Port Forwarding with PAT
In this example, network administrators want to advertise a single address for
the two servers in the DMZ. These servers provide FTP and HTTP services.
The module translates and forwards traffic to the appropriate server based on
the service requested (specified by the destination port).
The example network also uses non-standard ports for FTP and HTTP traffic,
so the module translates the port as well as the destination address.
Figure 5-22. Port Forwarding with PAT Example
Figure 5-22 shows how the FTP server (using port 2101) and the HTTP server
(using port 8088) in DMZ advertise one IP address to the Internal zone. When
a device sends a request to 172.16.100.100 port 21, the TMS zl Module trans-
lates the destination IP address to 10.1.1.11 and translates the port number
to 2101. Similarly, a packet that is destined for 172.16.100.100 port 80 receives
the new destination address of 10.1.1.12 and the port number is translated
to 8088.