Manualshelf

TMS zl Management and Configuration Guide ST.1.2.100916

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
461462463464465466467468469470
5-23
Network Address Translation
Configuring NAT Policies
11. If necessary, create a firewall access policy with the same source and
destination zones as the NAT policy you just created and that permits the
same services and addresses. (See “Firewall Access Policies for NAT,”
below.)
12. Click Save.
Firewall Access Policies for NAT
Because the firewall checks traffic against its access policies before applying
NAT, you need to configure a firewall access policy for each NAT policy. See
“Firewall Access Policies” in Chapter 4: “Firewall” for step-by-step instruc-
tions.
Source NAT
To allow traffic selected for source NAT, create a firewall access policy from
the source zone to the destination zone that allows traffic from the specified
source IP addresses to the specified destination IP addresses. Once the
firewall permits the packet to pass, the packet’s source address is translated
into the NAT source IP address and the packet is sent.
Figure 5-9. Flow of Packets with Source NAT Through the TMS zl Module
Figure 5-9 illustrates the source NAT policy that is shown in the first column
of Table 5-9. Notice that the source and destination zones, the services, and
the source and destination addresses are the same in the NAT and firewall
access policies.