Setup of NAT-One-to-One
-
Scenario
This guideline describes how to setup 1:1 NAT in ZyWALL USG-series.
ZyWALL USG has some extra IP-addresses available. With 1:1 NAT all requests to e.g. 212.130.62.52 will be directly forwarded to the selected internal client.
-
Start with address objects
To create a NAT One-to-One rule, the simplest way is to start with creating address objects.
In this tutorial we will create two objects, one for the secondary WAN IP-address and one for the server’s internal IP-address.
To create an address object go to the Configurations menu. Select the Object -> Address menu.
Click the Add button.
Give the object a name. Choose Host as Address Type, and insert the secondary WAN IP-address.
Use the same step for the server’s host object.
-
Create NAT rule
To create the NAT rule, go to Network -> NAT menu, and click the Add button.
Enable rule. Insert a rule name. Select 1:1 NAT.
Choose the incoming interface (usually WAN1 or ge2).
Select the new Ext_WAN_IP object as Original IP, select Int_SRV_IP as Mapped IP. Set Port Mapping Type as Any.
Click the OK button.
Note: NAT Loopback can be activated, so internal clients can contact server on its public IP-address.
-
Create Firewall rule
As the final step, we need to create a Firewall Rule, to allow traffic pass through to the server.
Go to the Firewall menu, and press the Add button.
Select from WAN to LAN1. Insert your server’s IP-address object as Destination.
Select your preferred Service or Service Group. In this case HTTP is selected.
Set Access as Allow. Enable Log if needed.
Click the OK button.
Ricordo che vi e’ un ottimo log che permette di scovare i problemi che possono nascere con la proliferazione delle regole.
Fatto Cio’ riavviate e vedete se tutto funziona correttamente.
® Dream Land by Giovanni Bifera
LE INFORMAZIONI CONTENUTE SONO FORNITE SENZA GARANZIA DI ALCUN TIPO, IMPLICITA OD ESPLICITA. L’UTENTE SI ASSUME L’INTERA RESPONSABILITA’ PER L’UTILIZZO DI QUESTE INFORMAZIONI. IN NESSUN CASO SI RENDONO RESPONSABILI PER DANNI DIRETTI, INDIRETTI O ACCIDENTALI CHE POSSANO PROVOCARE PERDITA DI DENARO O DI DATI.
Numero Di Accessi Alla Pagina: 2039
Short Link:
Lascia un commento
Devi essere connesso per inviare un commento.