WESM zl Management and Configuration Guide WT.01.XX and greater
8-19
Configuring Network Address Translation (NAT)
Planning the NAT Configuration
Planning the Configuration for Static NAT
For static NAT, you manually specify the IP address and port settings within
each NAT configuration. You must configure a separate static definition
specifically for each IP address that your Wireless Edge Services zl Module
must translate.
Before configuring static destination NAT for traffic destined to network
servers, collect the following information:
■ the IP address that you want to advertise to wireless stations (through,
for example, a DNS server)
This will be the original destination address (local address) for incoming
packets.
■ the destination port for traffic that will be subject to NAT (local port) and
the corresponding protocol (TCP or UDP)
This setting is for port translation, which enables multiple internal servers
to share one advertised IP address. For example, the Wireless Edge
Services zl Module can select traffic destined to:
• a Web server on port 80
• an FTP server on port 21
■ the internal device’s IP address on your LAN
This will be the translated destination address (global address).
■ the translated destination port (global port)
This setting is also optional. If you do not specify this port, the module
forwards traffic to the destination port on which it arrived.
To configure static source NAT, you must know:
■ the local address to which the module must apply NAT
■ the global address to which the module should translate the original
address
You can optionally specify a new source port for the translated traffic.
In Figure 8-8, for example, the company wants to conceal the actual IP address
of its Web server—192.168.1.25. The company has also set up its Web server
to use a different port—port 51000. For this implementation, you must con-
figure destination NAT with port translation.