Patton electronic SmartNode 4110 Series manual Static NAT, Napt traversal

Dynamic NAT is particularly useful for protocols that do not build on UDP or TCP but directly on IP (e.g. GRE, ESP). See also section “NAPT traversal” on page 135.

Figure 19. Dynamic NAT

Static NAT

Dynamic NAT does not permit hosts on the global network to access hosts on the local network. Static NAT makes local hosts globally accessible. Static NAT entries map global addresses to local addresses. The global address must be a configured global NAT address. It cannot be the address of the global interface since this would break connectivity to the SmartNode itself.

Static NAT is particularly useful for protocols that do not build on UDP or TCP but directly on IP (e.g. GRE, ESP). See also section “NAPT traversal” on page 135.

Figure 20. Static NAT

NAPT traversal

Protocols that do not build on UDP or TCP but directly on IP (e.g. GRE, ESP), and protocols that open addi- tional connections unknown to the NAT/NAPT component (e.g. FTP, H.323, SIP), do not easily traverse

a NAPT.

The SmartWare NAPT can handle one GRE (Generic Routing Encapsulation) connection and one ESP (Encapsulating Security Payload) connection at a time. It also routes ICMP messages back to the source of the concerned connection or to the source of an ICMP Ping message.

To enable NAPT traversal of protocols that open additional connections, the NAPT component must analyze these protocols at the Application Level in order to understand which NAPT entries for additional connections