WESM zl Management and Configuration Guide WT.01.28 and greater

Configuring Network Address Translation (NAT)
Overview
NAT Implementation Methods
On the Wireless Edge Services zl Module, you can configure:
• dynamic NAT
• static NAT
Dynamic NAT affects only source IP addresses while static NAT can translate either
source or destination IP addresses.
Dynamic, or Many-to-One, NAT
Perhaps the most common implementation of NAT is dynamic NAT, sometimes
called many-to-one NAT because it allows multiple stations to share the same IP
address after translation. Dynamic NAT applies only to source IP addresses.
You define dynamic NAT using the following specifications:
• access control lists (ACLs), which select the source IP addresses of traffic on
  which the Wireless Edge Services zl Module performs NAT
• a Wireless Edge Services zl Module interface, which defines the IP address to
  which the source address is translated
This NAT method is considered dynamic because when you modify an ACL or
interface, the corresponding NAT definition is modified accordingly.
You can apply dynamic NAT to traffic that arrives on inside interfaces, on outside
interfaces, or on both. The sections below discuss some uses for dynamic NAT for
wireless traffic and for wired traffic. (Whether configuring NAT on wireless traffic
requires inside or outside NAT depends on how you define the VLAN interface in
which the module places wireless traffic.)
Dynamic NAT for Wireless Traffic
Implementing dynamic NAT on wireless traffic allows you to create VLANs for
wireless traffic only. The Wireless Edge Services zl Module assigns WLAN traffic
to a VLAN reserved for wireless stations; its internal DHCP server issues wireless
stations IP addresses in this VLAN. Before routing wireless traffic into the Ethernet
network, the module translates these local DHCP addresses to an IP address valid in
the wired network—the module’s own.
This implementation also has the advantage of conserving IP addresses: instead of
each wireless station having its own IP address that is valid in the wired network, all
wireless stations share the Wireless Edge Services zl Module’s address.
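
The following added example (not taken from this guide and not the module's own code) models the behavior described above: an ACL selects the wireless stations' source addresses, and the address of a named interface replaces them. The subnet, interface name, addresses, and the port-based session table used to map replies back to a station are assumptions made for illustration.

```python
import ipaddress

class DynamicNat:
    """Toy model of many-to-one source NAT: ACL selects sources, interface supplies the address."""

    def __init__(self, acl, interfaces, nat_interface, first_port=20000):
        self.acl = [ipaddress.ip_network(n) for n in acl]  # permitted source ranges
        self.interfaces = interfaces          # interface name -> current IP address
        self.nat_interface = nat_interface    # interface whose address is shared
        self.next_port = first_port           # assumed: sessions are told apart by port
        self.out = {}                         # (src_ip, src_port) -> translated port
        self.back = {}                        # translated port -> (src_ip, src_port)

    def matches_acl(self, src_ip):
        addr = ipaddress.ip_address(src_ip)
        return any(addr in net for net in self.acl)

    def translate_out(self, src_ip, src_port):
        """Return the (ip, port) the wired network sees for this source."""
        if not self.matches_acl(src_ip):
            return (src_ip, src_port)         # not selected by the ACL: unchanged
        key = (src_ip, src_port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        # The address is read from the interface at translation time, so
        # changing the interface address changes the NAT result with it.
        return (self.interfaces[self.nat_interface], self.out[key])

    def translate_in(self, dst_port):
        """Map a reply sent to the shared address back to a station, or None."""
        return self.back.get(dst_port)

if __name__ == "__main__":
    # Constructed sample values: wireless VLAN 192.168.50.0/24, module at 10.1.1.5.
    nat = DynamicNat(["192.168.50.0/24"], {"vlan1": "10.1.1.5"}, "vlan1")
    for station in ("192.168.50.10", "192.168.50.11", "10.1.1.77"):
        print(station, "->", nat.translate_out(station, 51000))
    print("reply to port 20001 ->", nat.translate_in(20001))
```

Because every wireless station appears in the wired network under the same address, attributing a wired-side log entry to a specific station requires the translation table that was in effect at the time.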