TMS zl Management and Configuration Guide ST.1.2.100916

Network Address Translation
NAT Examples
You could also create a more general firewall access policy. This might permit
you to create fewer firewall access policies overall because more than one of
the NAT policies would be covered by a single firewall access policy.
Limited NAT Pool
In this type of source NAT there is a limited pool of NAT addresses for Internal
devices to use when accessing resources in Zone5.
Figure 5-19 shows the translation of the source addresses of the devices in the
Internal zone to one of the addresses in the NAT address pool. When all of the
NAT addresses have been assigned, all other connections from 172.16.0.0/16
to Zone5 will be denied. Use this solution if you want to limit the number of
connections into Zone5 or if it is important that source port numbers never
be translated.
Figure 5-19. Source NAT—Limited NAT Pool Example
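The pool behavior described above, modeled as an added Python example (not code or configuration from this guide or from the product). It assumes one pool address is bound per internal source host; the pool addresses 192.0.2.10 and 192.0.2.11 and all class and function names are constructed for illustration.

```python
import ipaddress


class LimitedNatPool:
    """Model of source NAT with a limited address pool and no port translation."""

    def __init__(self, internal_net, pool_addrs):
        self.internal = ipaddress.ip_network(internal_net)
        self.free = [ipaddress.ip_address(a) for a in pool_addrs]
        self.bindings = {}  # internal source address -> assigned pool address

    def translate(self, src_ip, src_port):
        """Return (translated_ip, port), or None when the connection is denied."""
        src = ipaddress.ip_address(src_ip)
        if src not in self.internal:
            raise ValueError(f"{src_ip} is outside {self.internal}")
        if src not in self.bindings:
            if not self.free:
                return None  # every pool address is assigned: deny
            self.bindings[src] = self.free.pop(0)
        # Only the address changes; the source port is passed through as-is.
        return (str(self.bindings[src]), src_port)

    def release(self, src_ip):
        """Return a host's pool address to the pool (assumed binding timeout)."""
        src = ipaddress.ip_address(src_ip)
        if src in self.bindings:
            self.free.append(self.bindings.pop(src))


def run_demo():
    # Constructed sample: a two-address pool in front of 172.16.0.0/16.
    pool = LimitedNatPool("172.16.0.0/16", ["192.0.2.10", "192.0.2.11"])
    attempts = [("172.16.1.5", 40000), ("172.16.1.5", 40001),
                ("172.16.2.9", 40000), ("172.16.3.3", 50000)]
    return [(src, port, pool.translate(src, port)) for src, port in attempts]


if __name__ == "__main__":
    for src, port, result in run_demo():
        print(f"{src}:{port} ->", "DENIED" if result is None else "%s:%d" % result)
```
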
To implement this plan, follow these steps:
1. Create a single-entry network address object named VLAN10 that contains
172.16.0.0/16. (See “Named Objects and Their Uses” in Chapter 4: “Firewall”
for instructions.)