Table of Contents
Advertisement
Source address translation manages stateless IP protocols (GRE) but with the following
restriction:
If two clients go through the same firewall, they will not be able to connect to the same
server at the same time. Stormshield Network's intrusion prevention engine will block
packets received by the second client.
After 5 minutes, the intrusion prevention engine will deem the session too old and will allow
the second client to take over.
Original traffic (before translation)
By clicking in the column "Source" a configuration window will appear:
Traffic source before translation
"General" tab
General
User
Source hosts
Incoming interface
Click on Ok to confirm your configuration.
"Geolocation/Reputation" tab
Geolocation
Select a region
Page 141/448
NOTE
The rule will apply to the user or the user group that you select in this field.
There are three choices by default:
"No user": This option allows clearing the user field and to no longer apply any criteria
for the rule.
"Any user": refers to any authenticated user.
"Unknown users": refers to any unknown or unauthenticated user.
The rule will apply to the object that you select in this field. The source host is the host
from which the treated packet originated: it is the sender of the packet.
You can Add or Delete one or several objects by clicking on
by clicking on .
Interface on which the translation rule applies, presented in the form of a drop-down
list. By default, the firewall selects it automatically according to the operation and
source and destination IP addresses. It can be modified to apply the rule to another
interface.
It can be modified to apply the rule to another interface. This also allows specifying a
particular interface if "Any" has been selected as the source host.
This field allows applying the filter rule to hosts with a public IP address belonging to a
country, continent or geographic group (group of countries and/or continents) defined
beforehand in the Objects > Network objects module.
NOTE
Only one country or continent may be selected per filter rule: only the use of a
geographic group would allow applying the rule to a set of countries/continents.
SNS - USER CONFIGURATION MANUAL V.3
sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
FILTERING AND NAT
and Create an object
- Quick Links:
- Administrator Management
Hide quick links:
Advertisement
Table of Contents
