Switch Security 6-35

6.If modifying an existing interface is not a valid option, consider configuring a new interface. To define a new NAT interface:

a.Click the Add button from within the Interfaces tab.

b. Use the Interface drop-down menu to select the VLAN used as the communication medium between the switch managed network and its destination (within the insecure outside world).

c. Use the Type drop-down menu to specific the Inside or Outside designation as follows:

d. Inside - The set of switch-managed networks subject to translation. These are the internal addresses you are trying to prevent from being exposed to the outside world.

e. Outside - All other addresses. Usually these are valid addresses located on the Internet. Outside addresses pose no risk if exposed over a publicly accessible network.

f. Refer to the Status field for the current state of the requests made from applet. This field displays

error messages if something goes wrong in the transaction between the applet and the switch.

g. Click OK to use the changes to the running configuration and close the dialog.

h. Click Cancel to close the dialog without committing updates to the running configuration.

6.6.4 Viewing NAT Status

Use the Status tab to review the NAT translations configured thus far for the switch. The Status tab displays the inside and outside local and global IP addresses.

To view and configure a NAT interface:

1.Select Security > NAT from the main menu tree.

2.Click on the Status tab.

Page 259
Image 259
Motorola WS5100 manual Viewing NAT Status