Table of Contents
Advertisement
Note
Firewall rule with source NAT
Address translation with source NAT is only performed after the firewall; the non-
translated addresses are therefore used.
Security > Firewall > IP rules
• Source (Range): Input from "Source IP Addresses"
• Destination (Range): Input from "Destination IP Addresses"
Description
• Source Interface / Destination Interface
Specify the direction of the connection establishment. Only connections established
in this specified direction are taken into account.
The virtual interfaces of VPN connections can also be selected:
– VLANx: VLANs with configured subnet
– SINEMA RC: Connection to SINEMA RC Server
– IPsec: Either all IPsec VPN connections (all) or a specific IPsec VPN connection
Note
When you configure a NAT address translation to or from the direction of the VPN
tunnel, only the IP addresses involved in the NAT address translation rules can be
reached via the VPN tunnel.
• Source IP Address(es)
Specify the source IP addresses for which this source NAT rule is valid. Only the
packets that correspond to the addresses entered are taken into account.
The following entries are possible:
– IP address: Applies precisely to the specified IP address.
– IP address range: Applies to a certain IP address range: Start IP address "-" End IP
– IP subnet: Applies to several IPv4 addresses grouped together to form an IP
• Use Interface IP from Destination Interface
When enabled, the IP address of the selected destination interface is used with
"Translated Source IP Address".
SCALANCE SC-600 Web Based Management (WBM)
Configuration Manual, 10/2021, C79000-G8976-C475-03
address, e.g. 192.168.100.10 - 192.168.100.20
address range: IP address/number of bits of the network part (CIDR notation)
Configuring with Web Based Management
4.6 "Layer 3" menu
267
- Quick Links:
- Function
- Ip Address
Hide quick links:
Advertisement
Table of Contents
