DMZ Firewall Solution for the Express Router

4.3Network Address Translation (NAT)

Because the secure private networks on LAN1 use public IP addresses (89.20.0.0 and 90.20.0.0), configure NAT to translate these addresses to private IP addresses. For example, NAT will translate the E-mail server address from 89.20.0.1 to 10.1.0.1, the NNTP server address from 89.20.0.2 to 10.1.0.2, and the LAN1 address from 89.20.0.10 to 10.1.0.10.

Note: When adding filter entries, the internal addresses must be used.

NAT entries are defined as follows:

Entry Function

1Translate the internal IP addresses on the network

89.20.0.0to private IP

address on 10.1.0.0

2Translate the internal IP addresses on the network

90.20.0.0to private IP

address on 10.2.0.0

Settings

Mapping type:

Static

Internal address:

10.1.0.0

Internal mask:

255.255.0.0

External IP address:

89.20.0.0

External mask:

255.255.0.0

Mapping type:

Static

Internal address:

10.2.0. 0

Internal mask:

255.255.0.0

External IP address:

90.20.0.0

External mask:

255.255.0.0

4.4IP Filters Setup

This section describes the required IP filters for the LAN1, LAN2 and connection to the Internet.

4.4.1 LAN1 Filters

4.4.1.1 Receive (Rx) Filters on LAN1

Configure these receive filters for the LAN1 port, shown as they appear in Advanced Setup.

07-12-99

Version 1.0

18

Page 18 Page 20
Page 19
Image 19
Intel 9525, 9515, 9535 manual Network Address Translation NAT, Entry Function
Page 18 Page 20
Top Page Image Contents