Chapter 12 NAT
ZyWALL ATP Series User’s Guide
336
Classification
Select what kind of NAT this rule is to perform.
Virtual Server
- This makes computers on a private network behind the Zyxel Device
available to a public network outside the Zyxel Device (like the Internet).
1:1 NAT
- If the private network server will initiate sessions to the outside clients, select this to
have the Zyxel Device translate the source IP address of the server’s outgoing traffic to the
same public IP address that the outside clients use to access the server.
Many 1:1 NAT -
If you have a range of private network servers that will initiate sessions to
the outside clients and a range of public IP addresses, select this to have the Zyxel Device
translate the source IP address of each server’s outgoing traffic to the same one of the
public IP addresses that the outside clients use to access the server. The private and public
ranges must have the same number of IP addresses.
One many 1:1 NAT rule works like multiple 1:1 NAT rules, but it eases configuration effort
since you only create one rule.
Incoming Interface
Select the interface on which packets for the NAT rule must be received.
It can be an
Ethernet, VLAN, bridge, or PPPoE/PPTP interface.
External IP
Specify the destination IP address of the packets received by this NAT rule’s specified
incoming interface.
any
- Select this to use all of the incoming interface’s IP addresses including dynamic
addresses or those of any virtual interfaces built upon the selected incoming interface.
User Defined
- Select this to manually enter an IP address in the
User Defined
field. For
example, you could enter a static public IP assigned by the ISP without having to create a
virtual interface for it.
Host address - select a host address object to use the IP address it specifies. The list also
includes address objects based on interface IPs. So for example you could select an
address object based on a WAN interface even if it has a dynamic IP address.
User Defined External
IP
This field is available if
External IP
is
User Defined
. Type the destination IP address that this
NAT rule supports.
External IP Subnet/
Range
This field displays for
Many 1:1 NAT
. Select the destination IP address subnet or IP address
range that this NAT rule supports. The original and mapped IP address subnets or ranges
must have the same number of IP addresses.
Internal IP
Select to which translated destination IP address this NAT rule forwards packets.
User Defined
- this NAT rule supports a specific IP address, specified in the
User Defined
field.
HOST address - the drop-down box lists all the HOST address objects in the Zyxel Device. If
you select one of them, this NAT rule supports the IP address specified by the address
object.
User Defined Internal
IP
This field is available if
Internal IP
is
User Defined
. Type the translated destination IP address
that this NAT rule supports.
Internal IP Subnet/
Range
This field displays for
Many 1:1 NAT
. Select to which translated destination IP address subnet
or IP address range this NAT rule forwards packets. The original and mapped IP address
subnets or ranges must have the same number of IP addresses.
Table 138 Configuration > Network > NAT > Add (continued)
LABEL
DESCRIPTION