Manualshelf

WESM zl Management and Configuration Guide WT.01.28 and greater

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
581582583584585586587588589590
8-15
Configuring Network Address Translation (NAT)
Planning the NAT Configuration
Record Necessary IP Addresses and Select the NAT
Implementation Method
As part of your NAT planning, you should record:
local address—the address or addresses that will be translated
global address—the address that will replace the local address when the module
applies NAT
You should also determine which NAT implementation method you are using. For
example, if you want to conserve IP addresses on your LAN, you will probably decide
to use dynamic NAT on inside traffic. If you want to allow wireless users access to
private Web or FTP servers with concealed IP addresses, you will use static NAT.
Planning the Configuration for Dynamic NAT
If you are using dynamic NAT, you must use ACLs to specify which traffic the
Wireless Edge Services zl Module NATs. Consider which IP addresses these ACLs
should select. For example, if you want to NAT all traffic from wireless stations in a
particular WLAN, you can create an ACL that permits any IP address and specifies
that particular WLAN.
You may want the Wireless Edge Services zl Module to NAT traffic from wireless
stations before that traffic enters your wired network. In this case, you would first
configure the module to place wireless stations in a particular VLAN and act as a
DHCP server, assigning the stations IP addresses in a corresponding subnet. Before
the module forwarded this traffic to the wired network, it would NAT the traffic to a
single IP address, as shown in Figure 8-7.