Table of Contents
Advertisement
6.4.3 Example 3: General Case
In this example, there are 3 IGAs from our ISP. There are many departments but two have their own FTP
server. All departments share the same router. The example will reserve one IGA for each department with
an FTP server and the other IGA is used by all. Now you map the FTP servers to the first two IGAs and the
other LAN traffic to the remaining IGA. Map the third IGA to an inside web server and mail server. Four
rules need to be configured, two bi-directional and two one directional as follows.
Rule 1.
Map the first IGA to the first inside FTP server for FTP traffic in both directions (1 : 1
mapping, giving both local and global IP addresses).
Rule 2.
Map the second IGA to our second inside FTP server for FTP traffic in both directions (1 : 1
mapping, giving both local and global IP addresses).
Rule 3.
Map the other outgoing LAN traffic to IGA3 (Many : 1 mapping).
Rule 4.
You also map your third IGA to the web server and mail server on the LAN. Type Server
allows you to specify multiple servers, of different types, to other machines behind NAT on the
LAN.
The example situation looks somewhat like this:
Step 1.
In this case you need to configure Address Mapping Set 1 from Menu 15.1 - Address Mapping
Sets. Therefore you must choose the Full Feature option from the Network Address
Translation field (in menu 4 or menu 11.3) in Figure 6-17.
Step 2.
Then enter 15 from the main menu.
NAT
Figure 6-16 NAT Example 3
ZyWALL 10 Internet Security Gateway
6-17
Advertisement
Table of Contents
Troubleshooting
