Manualshelf

WESM zl Management and Configuration Guide WT.01.28 and greater

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
571572573574575576577578579580
8-7
Configuring Network Address Translation (NAT)
Overview
Port Address Translation for Dynamic NAT
To enable multiple users to share one IP address, the Wireless Edge Services zl
Module uses port address translation in conjunction with NAT. When the module
translates a local IP address to a global address, it assigns each local address a unique
port number, as shown in Table 8-1.
The Wireless Edge Services zl Module uses this port number to forward return traffic,
which is destined to the single global IP address, to the correct local IP address. For
example, Table 8-1 lists possible IP address for the network shown in Figure 8-3. In
this case, the module translates all inside addresses (in the 192.168.1.0/24 subnet-
work) to 10.1.1.1. If a packet arrives for 10.1.1.1 on port 4001, the module knows to
forward the packet toward the station at 192.168.1.11.
Table 8-1. Information Recorded in a Port-Mapping Table for a Sample Network
Static, or One-to-One, NAT
You can also configure static definitions for NAT. In this case, you manually specify
the following information for each one-to-one NAT:
the IP address (and optionally, port) that should be translated
the IP address (and optionally, port) that should replace the original address
The Wireless Edge Services zl Module can perform static translation on both source
IP addresses and destination IP addresses. In addition, it can apply NAT to traffic
inbound from the inside network or from the outside network.
Static NAT on Destination Addresses
One reason to use destination NAT is to allow wireless users to access servers on
your internal LAN, while still concealing the servers’ IP addresses. This use is
particularly important when you open your wireless network to the public. Because
Local IP Address Translated (Global)
IP Address
Translated Port Destination IP Address Destination Port
192.168.1.10 10.1.1.1 4000 10.20.1.1 80
192.168.1.11 10.1.1.1 4001 172.16.1.10 80
192.168.1.12 10.1.1.1 4002 172.16.10.5 80
192.168.1.13 10.1.1.1 4003 10.45.16.1 80
192.168.1.14 10.1.1.1 4004 172.16.11.1 80