Nat Technical Reference - ZyXEL Communications ZyWall 110 User Manual

Table 155 Configuration > Network > NAT > Add (continued)
LABEL
Security Policy
OK
Cancel

13.3 NAT Technical Reference

Here is more detailed information about NAT on the Zyxel Device.
NAT Loopback
Suppose an NAT 1:1 rule maps a public IP address to the private IP address of a LAN SMTP e-mail server
to give WAN users access. NAT loopback allows other users to also use the rule's external IP to access
the mail server.
For example, a LAN user's computer at IP address 192.168.1.89 queries a public DNS server to resolve the
SMTP server's domain name (xxx.LAN-SMTP.com in this example) and gets the SMTP server's internal
public IP address of 1.1.1.1.
Figure 307 LAN Computer Queries a Public DNS Server
Chapter 13 NAT
DESCRIPTION
By default the security policy blocks incoming connections from external addresses. After
you configure your NAT rule settings, click the Security Policy link to configure a security
policy to allow the NAT rule's traffic to come in.
The Zyxel Device checks NAT rules before it applies To-Zyxel Device security policies, so To-
Zyxel Device security policies, do not apply to traffic that is forwarded by NAT rules. The
Zyxel Device still checks other security policies, according to the source IP address and
internal IP address.
Click OK to save your changes back to the Zyxel Device.
Click Cancel to return to the NAT summary screen without creating the NAT rule (if it is new)
or saving any changes (if it already exists).
xxx.LAN-SMTP.com =?
1.1.1.1
LAN
192.168.1.21
ZyWALL USG Series User's Guide
DNS
xxx.LAN-SMTP.com = 1.1.1.1
192.168.1.89
445