Intel 9525, 9515, 9535 manual Network Address Translation NAT, Entry Function


DMZ Firewall Solution for the Express Router

4.3 Network Address Translation (NAT)

Because the secure private networks on LAN1 use public IP addresses (89.20.0.0 and 90.20.0.0), configure NAT to translate these addresses to private IP addresses. For example, NAT will translate the E-mail server address from 89.20.0.1 to 10.1.0.1, the NNTP server address from 89.20.0.2 to 10.1.0.2, and the LAN1 address from 89.20.0.10 to 10.1.0.10.

Note: When adding filter entries, the internal addresses must be used.

NAT entries are defined as follows:

Entry 1

Function: Translate the internal IP addresses on the network 89.20.0.0 to private IP address on 10.1.0.0

Settings:

    Mapping type: Static
    Internal address: 10.1.0.0
    Internal mask: 255.255.0.0
    External IP address: 89.20.0.0
    External mask: 255.255.0.0

Entry 2

Function: Translate the internal IP addresses on the network 90.20.0.0 to private IP address on 10.2.0.0

Settings:

    Mapping type: Static
    Internal address: 10.2.0.0
    Internal mask: 255.255.0.0
    External IP address: 90.20.0.0
    External mask: 255.255.0.0
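The following is an added example, not part of the Intel manual and not router configuration syntax: a Python model of the two static entries above that maps addresses in both directions by keeping the host bits, and checks filter entries against the note that internal addresses must be used. The filter field names ("src", "dst", "action") and the sample filter entries are constructed for illustration.

```python
import ipaddress

# NAT entries from the table above as (internal network, external network).
NAT_ENTRIES = [
    (ipaddress.ip_network("10.1.0.0/255.255.0.0"),
     ipaddress.ip_network("89.20.0.0/255.255.0.0")),
    (ipaddress.ip_network("10.2.0.0/255.255.0.0"),
     ipaddress.ip_network("90.20.0.0/255.255.0.0")),
]

def _remap(addr, src_net, dst_net):
    """Keep the host bits of addr and swap src_net's prefix for dst_net's."""
    host_bits = int(addr) & int(src_net.hostmask)
    return str(ipaddress.ip_address(int(dst_net.network_address) | host_bits))

def to_internal(address):
    """Internal address for an external one, or None if no entry covers it."""
    addr = ipaddress.ip_address(address)
    for internal, external in NAT_ENTRIES:
        if addr in external:
            return _remap(addr, external, internal)
    return None

def to_external(address):
    """External address for an internal one, or None if no entry covers it."""
    addr = ipaddress.ip_address(address)
    for internal, external in NAT_ENTRIES:
        if addr in internal:
            return _remap(addr, internal, external)
    return None

def lint_filters(filters):
    """Report filter fields that hold an external address, not the internal one."""
    findings = []
    for number, entry in enumerate(filters, start=1):
        for field in ("src", "dst"):
            value = entry.get(field)
            internal = to_internal(value) if value else None
            if internal is not None:
                findings.append((number, field, value, internal))
    return findings

# Constructed sample filter entries; the "src"/"dst" keys are hypothetical.
SAMPLE_FILTERS = [
    {"src": "10.2.0.2", "dst": None, "action": "pass"},   # internal: correct
    {"src": None, "dst": "89.20.0.1", "action": "pass"},  # external: flagged
]

if __name__ == "__main__":
    print(lint_filters(SAMPLE_FILTERS))
```

Each finding is a tuple of filter number, field, the external address found, and the internal address that should replace it.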

4.4 IP Filters Setup

This section describes the required IP filters for LAN1, LAN2 and the connection to the Internet.

4.4.1 LAN1 Filters

4.4.1.1 Receive (Rx) Filters on LAN1

Configure these receive filters for the LAN1 port, shown as they appear in Advanced Setup.

07-12-99

Version 1.0


Copyright 1999, Intel Corporation. All rights reserved.