Software Release 2.3.1 | 15 |
■Reverse NAT
This translates the addresses of public side devices to addresses suitable for the private side of the firewall (destination address will be translated for outbound packets, source address for inbound packets).
■Double NAT
This translates both the public and private side source and destination addresses.
■Enhanced NAT
This translates many private or public side addresses into a single global or local address. If it is applied to a private interface the rule matches the outbound sessions (source address will be translated for outbound packets, destination address for inbound packets). If it is applied to a public interface the rule matches the inbound sessions (source address will be translated for inbound packets, destination address for outbound packets).
■Subnet Translation
This translates IP addresses from one subnet into another subnet (e.g. all 192.168.xxx.xxx IP addresses can be translated into 202.36.xxx.xxx addresses). Subnet translation may be applied to Standard, Reverse and Double NAT.
Time Limited Rules
Rules can be set to expire after a specified Time To Live (TTL). A new parameter, TTL, specifies the time duration in hours and minutes that the rule will exist. The rule will be active from the creation of the rule and will be deleted after the time specified has expired. All entries created from this rule will be destroyed once the rule expires. Rules defined with a TTL value will not appear in
New Command Syntax
The new syntax is:
ADD FIREWALL POLICY=policy
[NATTYPE={DOUBLEENHANCEDREVERSESTANDARD}] [NATMASK=ipadd]
SET FIREWALL POLICY=name
These commands add or modify a rule defining the access allowed between private and public interfaces of the specified policy. By default all access from public interfaces (outside the firewall) is denied and all access from private interfaces (inside the firewall) is allowed. To refine the security policy
Software Release 2.3.1
