Chapter 23 IPSec VPN

Table 113 Configuration > VPN > IPSec VPN > VPN Connection > Edit (continued)

LABEL

DESCRIPTION

Inbound Traffic

 

 

 

Source NAT

This translation hides the source address of computers in the remote

 

network.

 

 

Source

Select the address object that represents the original source address

 

(or select Create Object to configure a new one). This is the address

 

object for the remote network. The size of the original source address

 

range (Source) must be equal to the size of the translated source

 

address range (SNAT).

 

 

Destination

Select the address object that represents the original destination

 

address (or select Create Object to configure a new one). This is the

 

address object for the local network.

 

 

SNAT

Select the address object that represents the translated source

 

address (or select Create Object to configure a new one). This is the

 

address that hides the original source address. The size of the original

 

source address range (Source) must be equal to the size of the

 

translated source address range (SNAT).

 

 

Destination

This translation forwards packets (for example, mail) from the remote

NAT

network to a specific computer (for example, the mail server) in the

 

local network.

 

 

Add

Click this to create a new entry. Select an entry and click Add to

 

create a new entry after the selected entry.

 

 

Edit

Select an entry and click this to be able to modify it.

 

 

Remove

Select an entry and click this to delete it.

 

 

Move

To change an entry’s position in the numbered list, select it and click

 

Move to display a field to type a number for where you want to put

 

that entry and press [ENTER] to move the entry to the number that

 

you typed.

 

 

#

This field is a sequential value, and it is not associated with a specific

 

NAT record. However, the order of records is the sequence in which

 

conditions are checked and executed.

 

 

Original IP

Select the address object that represents the original destination

 

address. This is the address object for the remote network.

 

 

Mapped IP

Select the address object that represents the desired destination

 

address. For example, this is the address object for the mail server.

 

 

Protocol

Select the protocol required to use this translation. Choices are: TCP,

 

UDP, or All.

 

 

Original Port

These fields are available if the protocol is TCP or UDP. Enter the

Start / Original

original destination port or range of original destination ports. The

Port End

size of the original port range must be the same size as the size of

 

 

the mapped port range.

 

 

Mapped Port

These fields are available if the protocol is TCP or UDP. Enter the

Start / Mapped

translated destination port or range of translated destination ports.

Port End

The size of the original port range must be the same size as the size

 

 

of the mapped port range.

 

 

OK

Click OK to save the changes.

 

 

Cancel

Click Cancel to discard all changes and return to the main VPN

 

screen.

 

 

386

 

ZyWALL USG 50 User’s Guide