Configuring NAT Mode Gateway
This section provides an overview of a SonicWall SuperMassive
appliance operating as a single network gateway in NAT mode,
which is the default mode for a newly configured
SuperMassive appliance. This section is relevant to
administrators following deployment Scenario A.
NOTE: No additional configuration is necessary to
deploy your appliance as a single network gateway in
Many‐to‐One NAT mode.
Overview of NAT Mode
Network Address Translation (NAT) allows private IP addresses
on internal networks to be mapped to at least one public IP
address on the WAN interface of the SonicWall security
appliance. Outbound traffic from the internal network uses
many‐to‐one NAT address mappings for their LANs, WLANs,
and other internal networks.
All traffic in SonicOS must go through both an access rule and a
NAT policy, a fundamental part of the NAT Mode architecture.
The NAT policy is even used for traffic that needs no IP address
translation, such as traffic traveling between two different LAN
interfaces, traffic on the simplest types of VPNs, or through
Layer 2 Bridged Mode / Transparent Mode configurations.
40
SonicWall SuperMassive 9200/9400/9600 Getting Started Guide
SonicWall SuperMassive
SonicWALL SuperMassive 9600
X16
DMZ Zone
WLAN Zone
The SonicWall SuperMassive ships with the internal DHCP
server active on the LAN port. However, if a DHCP server is
already active on your LAN, the SonicWall appliance will
disable its own DHCP server to prevent conflicts.
As shown in the illustration on this page, ports X1 and X0 are
preconfigured as WAN and LAN, respectively. The remaining
ports (X2‐X17) can be configured to meet the needs of your
network.
In the example diagram, certain interfaces are configured for
specific zones:
• X1—WAN
• X0—LAN
• X8—Wireless LAN
• X16—DMZ
10GE
1GE
1GE
X18
X16
X14
X12
X10
X8
X6
X4
X2
X0
SDHC
M0
BYPASS
ALARM
STATUS
TEST
PWR 1
PWR 2
CONSOLE
MGMT
X19
X17
X15
X13
X11
X9
X7
X5
X3
X1
X1
X0
X8
LAN Zone
Internet
WAN Zone