Table of Contents
Advertisement
Automatic translation is enabled by choosing the Auto option for source address translation and
this is selected by default in an IP Policy object. NetDefendOS will then decide which, if any,
translation to perform by applying the rules summarized in the table below.
# Type of Source IP
Type of Destination IP
1 Public
Private or Public
2 Private
Public
3 Private
Private
and Destination Translation = SAT
and Source Network contains the SAT IP.
4 Private
Private
and the previous action didn't trigger.
A more detailed explanation of the automatic translation rules summarized above is as follows:
•
If the connection's source IP address is a public address:
NetDefendOS will Allow traffic from the source address to the destination address.
•
If the connection's source IP address is a private address:
i.
If the destination address is a public IP address, NetDefendOS will NAT the source
address through the IP address of the destination interface.
ii.
If the Destination Translation is set to SAT and the Source Network contains the SAT
Destination IP address, NetDefendOS will NAT the private source address through the IP
address of the destination interface. (This allows, for example, a protected webserver to
be accessed by internal clients.)
Or if the above is not the case and the destination address is a private IP address,
NetDefendOS will Allow the traffic from the private source address to the private
destination address.
Figure 7.3. Automatic Address Translation
581
Chapter 7: Address Translation
Action Taken
Allow with no translation.
NAT using the destination interface's IP.
NAT using the destination interface's IP.
Allow with no translation.
- Quick Links:
- User Manual
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
