Adding and Editing Destination NAT

To add or edit a NAT destination configuration that can be applied to a profile:

1. Select the Configuration tab from the Web UI

2. Select Profiles from the Configuration tab.

3. Select Manage Profiles from the Configuration > Profiles menu.

4. Select Security.

5. Select NAT.

6. Select the Static NAT tab.

7. Select the Destination tab to view destination NAT configurations and ensure packets passing through the NAT back to the managed LAN are searched against the records kept by the NAT engine. The destination IP address is changed back to the specific internal private class IP address to reach the LAN over the network.

8. Select Add to create a new NAT destination configuration, Edit to modify the attributes of an existing configuration or Delete to permanently remove a NAT destination.

   

9. Set the following Destination configuration parameters:

   Static NAT creates a permanent, one-to-one mapping between an address on an internal network and an external network. To share a Web server with the Internet, use static address translation to map the actual address to a registered IP address. Static address translation hides the actual server address from users on insecure interfaces. Casual access by unauthorized users becomes much more difficult. Static NAT requires a dedicated address on the outside network for each host.

   Protocol	Select the protocol for use with static translation. TCP, UDP and Any are available options. TCP is a transport layer protocol used by applications requiring guaranteed delivery. It's a sliding window protocol handling both timeouts and retransmissions. TCP establishes a full duplex virtual connection between two endpoints. Each endpoint is defined by an IP address and a TCP port number. The User Datagram Protocol (UDP) offers only a minimal transport service, non-guaranteed datagram delivery, and provides applications direct access to the datagram service of the IP layer. UDP is used by applications not requiring the level of service of TCP or are using communications services (multicast or broadcast delivery) not available from TCP. The default setting is Any.
   Destination IP	Enter the local address used at the (source) end of the static NAT configuration. This address (once translated) is not be exposed to the outside world when the translation address is used to interact with the remote destination.
   Destination Port	Use the spinner control to set the local port used at the (source) end of the static NAT configuration. The default port is 1.
   NAT IP	Enter the IP address of the matching packet to the specified value. The IP address modified can be either source or destination based on the direction specified.
   NAT Port	Set the port number of the matching packet to the specified value. This option is valid only if the direction specified is destination.
   Network	Select Inside or Outside NAT as the network direction. Inside is the default setting.

10. Select OK to save the changes made to the static NAT configuration. Select Reset to revert to the last saved configuration.