Manualshelf

WESM zl Management and Configuration Guide WT.01.03 and greater

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
591592593594595596597598599600
8-17
Configuring Network Address Translation (NAT)
Planning the NAT Configuration
Record Necessary IP Addresses and Select the NAT
Implementation Method
As part of your NAT planning, you should record:
local address—the address or addresses that will be translated
global addressthe address that will replace the local address when the
module applies NAT
You should also determine which NAT implementation method you are using.
For example, if you want to conserve IP addresses on your LAN, you will
probably decide to use dynamic NAT on inside traffic. If you want to allow
wireless users access to private Web or FTP servers with concealed IP
addresses, you will use static NAT.
Planning the Configuration for Dynamic NAT
If you are using dynamic NAT, you must use ACLs to specify which traffic the
Wireless Edge Services zl Module NATs. Consider which IP addresses these
ACLs should select. For example, if you want to NAT all traffic from wireless
stations in a particular WLAN, you can create an ACL that permits any IP
address and specifies that particular WLAN.
You may want the Wireless Edge Services zl Module to NAT traffic from
wireless stations before that traffic enters your wired network. In this case,
you would first configure the module to place wireless stations in a particular
VLAN and act as a DHCP server, assigning the stations IP addresses in a
corresponding subnet. Before the module forwarded this traffic to the wired
network, it would NAT the traffic to a single IP address, as shown in Figure 8-7.