DIGITAL GIGAswitch/Router User Reference Manual
205
Configuration Examples
The first step is to create the interfaces:
Next, define the interfaces to be NAT “inside” or “outside”:
Then, define the NAT static rules:
Using Static NAT
Static NAT can be used when the local and global IP addresses are to be bound in a fixed
manner. These bindings never get removed nor time out until the static NAT command
itself is negated. Static binding is recommended when you have a need for a permanent
type of binding.
The other use of static NAT is when the out to in traffic is the first to initialize a
connection, i.e., the first packet is coming from outside to inside. This could be the case
when you have a server in the local network and clients located remotely. Dynamic NAT
would not work for this case as bindings are always created when an in to out Internet
connection occurs. A typical example is a web server inside the local network, which
could be configured as follows:
This server, 10.1.1.2, is advertised as 192.50.20.2 to the external network.
interface create ip 10-net address-netmask 10.1.1.1/24 port et.2.1
interface create ip 192-net address-netmask 192.50.20.1/24 port et.2.2
nat set interface 10-net inside
nat set interface 192-net outside
nat create static protocol ip local-ip 10.1.1.2 global-ip 192.50.20.2
nat create static protocol tcp local-ip 10.1.1.2 global-ip 192.50.20.2
local-port 80 global-port 80