25.1.3 Network Address Translation
MES-OS supports two kinds of NAT: NAPT and 1-to-1.
25.1.3.1 NAPT style NAT
NAPT, or "Network Address and Port Translation", enables hosts on a private network to share
an Internet connection with a single public IP address. NAPT is also known as IP Masquerading or
PAT (Port Address Translation) in the Cisco world.
Figure 128. NAPT gateway providing access to the Internet. All hosts in the private network share a single
public IP address.
When configuring a NAPT rule, you need to specify the outbound interface [4]. The appropriate rule will
then be added to the post-routing step (see Figure 127) handling the address translation. A rule is also
needed in the forward filtering chain to enable the forwarding (routing) of traffic, and that can be added
automatically (depending on the configuration options, see section 25.1.3).
Connection tracking will ensure that packets in the reverse direction (from the Internet to the private
network) are accepted and managed properly.
[4] Appropriate interface IP settings must be configured, and IP routing must also be enabled; see chapter 15.
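
The NAPT behaviour described above (source rewriting in the post-routing step, a forward rule for outbound traffic, and connection tracking for the reverse direction) is modelled below as an added example; it is not MES-OS code or configuration syntax. The interface names, addresses, port range and the rule that replies must come from the same remote address and port are assumptions of this model.

```python
# Toy model of a NAPT gateway (added illustration, not MES-OS code).
# Assumptions: interface names, addresses and the port range are constructed;
# no timeouts or port exhaustion handling, one protocol only.
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    iface: str   # ingress interface before handle(), egress interface after
    src: str
    sport: int
    dst: str
    dport: int

class NaptGateway:
    def __init__(self, inside_if, outbound_if, public_ip, first_port=40000):
        self.inside_if, self.outbound_if = inside_if, outbound_if
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}  # (priv ip, priv port, remote ip, remote port) -> public port
        self.in_map = {}   # (public port, remote ip, remote port) -> (priv ip, priv port)

    def handle(self, pkt):
        """Return the translated packet, or None if it is dropped."""
        if pkt.iface == self.inside_if:
            # Forward filter: traffic from the private side may leave.
            flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if flow not in self.out_map:
                # New flow: pick a public port and track both directions.
                self.out_map[flow] = self.next_port
                self.in_map[(self.next_port, pkt.dst, pkt.dport)] = (pkt.src, pkt.sport)
                self.next_port += 1
            # Post-routing: the source becomes the shared public address.
            return replace(pkt, iface=self.outbound_if, src=self.public_ip,
                           sport=self.out_map[flow])
        if pkt.iface == self.outbound_if and pkt.dst == self.public_ip:
            # Reverse direction: only replies to a tracked flow are accepted.
            origin = self.in_map.get((pkt.dport, pkt.src, pkt.sport))
            if origin is None:
                return None
            return replace(pkt, iface=self.inside_if, dst=origin[0], dport=origin[1])
        return None

if __name__ == "__main__":
    gw = NaptGateway("lan", "wan", "203.0.113.5")
    for host in ("192.168.1.10", "192.168.1.11"):   # same source port on both
        print(gw.handle(Packet("lan", host, 5000, "198.51.100.7", 443)))
    print(gw.handle(Packet("wan", "198.51.100.7", 443, "203.0.113.5", 40001)))
    print(gw.handle(Packet("wan", "198.51.100.7", 443, "203.0.113.5", 40002)))
```

Two private hosts using the same source port leave with distinct public ports, and an inbound packet that matches no tracked flow is dropped rather than forwarded.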
MES-OS Management Guide
Firewall Management • 445