Profile Overrides - Static NAT - Source

About this task

Static NAT creates a permanent, one-to-one mapping between an address on an internal network and a perimeter or external network. To share a web server on a perimeter interface with the internet, use static address translation to map the actual address to a registered IP address. Static address translation hides the actual address of the server from users on insecure interfaces. Casual access by unauthorized users becomes much more difficult. Static NAT requires a dedicated address on the outside network for each host.

To override the static NAT source and destination configurations:

Procedure

  1. Select the Static NAT tab.

    The Source screen displays by default and lists existing static NAT configurations. Existing static NAT configurations are not editable, but new configurations can be added or existing ones deleted as they become obsolete.

    The Static NAT → Source screen displays by default.

    Click to expand in new window
    NAT Configuration - Static NAT - Source Main Screen
    GUID-D11FF63A-8F30-45C7-887D-22049BB1945D-low.png
  2. To remove an existing source IP address, from an internal network, to NAT IP address mapping, select the configuration and click Delete.

    Existing NAT source configurations cannot be edited.

  3. To create a new source IP address, from an internal network, to a NAT IP address click Add.

    The Add Source NAT window displays.

    Click to expand in new window
    NAT Configuration - Add Static NAT Source IP Address Window
    GUID-D7086962-CD1F-4438-A6B8-CE75F8A630EF-low.png
  4. Define the following parameters:

    Source IP

    Enter the address used at the (internal) end of the static NAT configuration. This address (once translated) will not be exposed to the outside world when the translation address is used to interact with the remote destination.

    NAT IP

    Enter the IP address of the matching packet to the specified value. The IP address modified can be either source or destination based on the direction specified.

    Network

    Select Inside or Outside NAT as the network direction. The default setting is Inside.

    Select Inside to create a permanent, one-to-one mapping between an address on an internal network and a perimeter or external network. To share a web server on a perimeter interface with the internet, use static address translation to map the actual address to a registered IP address. Static address translation hides the actual address of the server from users on insecure interfaces. Casual access by unauthorized users becomes much more difficult. Static NAT requires a dedicated address on the outside network for each host.

  5. Click OK to save the static NAT source configuration changes.

    Click Reset to revert to the last saved configuration.