Static NAT Destination Configuration

About this task

NAT destination configurations define the way in which packets passing through the NAT on the way back to the LAN are searched against the records kept by the NAT engine. The destination IP address is changed back to the specific internal private class IP address to reach the LAN over the network.

To add or edit a Static NAT destination configuration:

Procedure

  1. Select the Destination tab.
    Click to expand in new window
    Profile Security - Static NAT screen - Destination tab
    GUID-DF9AC3BC-EBB0-4B87-832F-F06C0421B440-low.png
  2. Review existing Static NAT destination configurations to determine if a new configuration warrants creation or an existing configuration warrants modification or deletion.
  3. Select Add to create a new NAT destination configuration, Edit to modify the attributes of an existing configuration or Delete to permanently remove a NAT destination.
    Click to expand in new window
    GUID-E071C050-FC1E-4418-9D8D-C81EB40CB811-low.png
  4. Set the following Destination configuration parameters:

    Static NAT creates a permanent, one-to-one mapping between an address on an internal network and an external network. To share a Web server with the Internet, use static address translation to map the actual address to a registered IP address. Static address translation hides the actual server address from users on insecure interfaces. Casual access by unauthorized users becomes much more difficult. Static NAT requires a dedicated address on the outside network for each host.

    Protocol

    Select the protocol for use with static translation. TCP, UDP and Any are available options. TCP is a transport layer protocol used by applications requiring guaranteed delivery. It's a sliding window protocol handling both timeouts and retransmissions. TCP establishes a full duplex virtual connection between two endpoints. Each endpoint is defined by an IP address and a TCP port number. The User Datagram Protocol (UDP) offers only a minimal transport service, non-guaranteed datagram delivery, and provides applications direct access to the datagram service of the IP layer. UDP is used by applications not requiring the level of service of TCP or are using communications services (multicast or broadcast delivery) not available from TCP. The default setting is Any.

    Destination IP

    Enter the local address used at the (source) end of the static NAT configuration. This address (once translated) is not be exposed to the outside world when the translation address is used to interact with the remote destination.

    Destination Port

    Use the spinner control to set the local port used at the (source) end of the static NAT configuration. The default port is 1.

    NAT IP

    Enter the IP address of the matching packet to the specified value. The IP address modified can be either source or destination based on the direction specified.

    NAT Port

    Set the port number of the matching packet to the specified value. This option is valid only if the direction specified is destination.

    Network

    Select Inside or Outside NAT as the network direction. Inside is the default setting.

  5. Click OK to save the changes made to the static NAT configuration.

    ion. Select Reset to revert to the last saved configuration.