Chapter 20 IPSec VPN

Table 107 Configuration > VPN > IPSec VPN > VPN Connection > Edit (continued)

| LABEL | DESCRIPTION |
|---|---|
| Source NAT | This translation hides the source address of computers in the local network. It may also be necessary if you want the ZyWALL to route packets from computers outside the local network through the IPSec SA. |
| Source | Select the address object that represents the original source address (or select Create Object to configure a new one). This is the address object for the computer or network outside the local network. The size of the original source address range (Source) must be equal to the size of the translated source address range (SNAT). |
| Destination | Select the address object that represents the original destination address (or select Create Object to configure a new one). This is the address object for the remote network. |
| SNAT | Select the address object that represents the translated source address (or select Create Object to configure a new one). This is the address object for the local network. The size of the original source address range (Source) must be equal to the size of the translated source address range (SNAT). |
| Inbound Traffic | |
| Source NAT | This translation hides the source address of computers in the remote network. |
| Source | Select the address object that represents the original source address (or select Create Object to configure a new one). This is the address object for the remote network. The size of the original source address range (Source) must be equal to the size of the translated source address range (SNAT). |
| Destination | Select the address object that represents the original destination address (or select Create Object to configure a new one). This is the address object for the local network. |
| SNAT | Select the address object that represents the translated source address (or select Create Object to configure a new one). This is the address that hides the original source address. The size of the original source address range (Source) must be equal to the size of the translated source address range (SNAT). |
| Destination NAT | This translation forwards packets (for example, mail) from the remote network to a specific computer (for example, the mail server) in the local network. |
| Add | Click this to create a new entry. Select an entry and click Add to create a new entry after the selected entry. |
| Edit | Select an entry and click this to modify it. |
| Remove | Select an entry and click this to delete it. |
| Move | To change an entry’s position in the numbered list, select it and click Move to display a field where you type the number of the position you want, then press [ENTER] to move the entry to that number. |
| # | This field is a sequential value, and it is not associated with a specific NAT record. However, the order of records is the sequence in which conditions are checked and executed. |
| Original IP | Select the address object that represents the original destination address. This is the address object for the remote network. |
| Mapped IP | Select the address object that represents the desired destination address. For example, this is the address object for the mail server. |
| Protocol | Select the protocol required to use this translation. Choices are: TCP, UDP, or All. |
| Original Port Start / Original Port End | These fields are available if the protocol is TCP or UDP. Enter the original destination port or range of original destination ports. The original port range must be the same size as the mapped port range. |
| Mapped Port Start / Mapped Port End | These fields are available if the protocol is TCP or UDP. Enter the translated destination port or range of translated destination ports. The original port range must be the same size as the mapped port range. |
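The following is an added example, not part of the ZyWALL guide or its firmware: a pre-deployment audit of a planned Destination NAT list that checks the port-field rules above and flags entries that an earlier entry in the # order would always match first. The DnatEntry record and function names are hypothetical, the sample entries are constructed, and the script assumes that the first matching entry is the one applied and that empty port fields mean any port.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass
class DnatEntry:  # hypothetical record; fields mirror the table labels
    original_ip: str                      # address or CIDR of the address object
    mapped_ip: str
    protocol: str                         # "TCP", "UDP" or "All"
    original_ports: Optional[Tuple[int, int]] = None  # (start, end)
    mapped_ports: Optional[Tuple[int, int]] = None

def size(r):
    return r[1] - r[0] + 1

def check_entry(e):
    """Problems within a single entry (port-field rules from the table)."""
    if e.protocol == "All":
        return ["port fields apply only to TCP or UDP"] if e.original_ports or e.mapped_ports else []
    if (e.original_ports is None) != (e.mapped_ports is None):
        return ["set both port ranges or neither"]
    if e.original_ports and size(e.original_ports) != size(e.mapped_ports):
        return [f"port range sizes differ: original {size(e.original_ports)}, mapped {size(e.mapped_ports)}"]
    return []

def covers(a, b):
    """True if entry a matches every packet entry b would match."""
    na = ipaddress.ip_network(a.original_ip, strict=False)
    nb = ipaddress.ip_network(b.original_ip, strict=False)
    if na.version != nb.version or not nb.subnet_of(na):
        return False
    if a.protocol != "All" and a.protocol != b.protocol:
        return False
    if a.original_ports is None:          # assumption: no ports means any port
        return True
    return (b.original_ports is not None
            and a.original_ports[0] <= b.original_ports[0]
            and b.original_ports[1] <= a.original_ports[1])

def audit(entries):
    """Return (entry number, problem) pairs, numbered like the # column."""
    findings = []
    for j, e in enumerate(entries, start=1):
        findings += [(j, p) for p in check_entry(e)]
        hit = next((i for i, a in enumerate(entries[:j - 1], start=1) if covers(a, e)), None)
        if hit:  # assumption: the first matching entry is the one applied
            findings.append((j, f"never reached: entry {hit} matches first"))
    return findings

SAMPLE = [  # constructed entries, not from the guide
    DnatEntry("10.0.0.0/24", "192.168.1.25", "TCP", (25, 25), (25, 25)),
    DnatEntry("10.0.0.0/24", "192.168.1.80", "TCP", (8000, 8009), (80, 80)),
    DnatEntry("10.0.0.5", "192.168.1.26", "TCP", (25, 25), (2525, 2525)),
]
```

Running audit(SAMPLE) reports the size mismatch in entry 2 and shows that entry 3 would need to be moved above entry 1 to take effect.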

 

 

 

 


ZyWALL 110/310/1100 Series User’s Guide