Chapter 17 NAT

Table 93 Configuration > Network > NAT > Add (continued)

LABEL

DESCRIPTION

Classification

Select what kind of NAT this rule is to perform.

 

Virtual Server - This makes computers on a private network behind the

 

ZyWALL available to a public network outside the ZyWALL (like the

 

Internet).

 

1:1 NAT - If the private network server will initiate sessions to the

 

outside clients, select this to have the ZyWALL translate the source IP

 

address of the server’s outgoing traffic to the same public IP address

 

that the outside clients use to access the server.

 

Many 1:1 NAT - If you have a range of private network servers that will

 

initiate sessions to the outside clients and a range of public IP addresses,

 

select this to have the ZyWALL translate the source IP address of each

 

server’s outgoing traffic to the same one of the public IP addresses that

 

the outside clients use to access the server. The private and public

 

ranges must have the same number of IP addresses.

 

One many 1:1 NAT rule works like multiple 1:1 NAT rules, but it eases

 

configuration effort since you only create one rule.

 

 

Incoming

Select the interface on which packets for the NAT rule must be received.

Interface

It can be an Ethernet, VLAN, bridge, or PPPoE/PPTP interface.

 

 

Original IP

Specify the destination IP address of the packets received by this NAT

 

rule’s specified incoming interface.

 

any - Select this to use all of the incoming interface’s IP addresses

 

including dynamic addresses or those of any virtual interfaces built upon

 

the selected incoming interface.

 

User Defined - Select this to manually enter an IP address in the User

 

Defined field. For example, you could enter a static public IP assigned

 

by the ISP without having to create a virtual interface for it.

 

Host address - select a host address object to use the IP address it

 

specifies. The list also includes address objects based on interface IPs.

 

So for example you could select an address object based on a WAN

 

interface even if it has a dynamic IP address.

 

 

User Defined

This field is available if Original IP is User Defined. Type the

Original IP

destination IP address that this NAT rule supports.

 

 

Original IP

This field displays for Many 1:1 NAT. Select the destination IP address

Subnet/Range

subnet or IP address range that this NAT rule supports. The original and

 

mapped IP address subnets or ranges must have the same number of IP

 

addresses.

 

 

Mapped IP

Select to which translated destination IP address this NAT rule forwards

 

packets.

 

User Defined - this NAT rule supports a specific IP address, specified in

 

the User Defined field.

 

HOST address - the drop-down box lists all the HOST address objects in

 

the ZyWALL. If you select one of them, this NAT rule supports the IP

 

address specified by the address object.

 

 

User Defined

This field is available if Mapped IP is User Defined. Type the translated

Original IP

destination IP address that this NAT rule supports.

 

 

 

325

ZyWALL USG 50 User’s Guide