Using the Web Browser Interface for Advanced Configuration Tasks
Configuring Access Control from the Web Browser Interface
14-36
15. For Source IP Address/Mask, select any or enter a specific IP address or
a specific subnet.
16. Select a Destination IP Address/Mask. Again, you can select any or enter
a specific IP address or a specific subnet.
17. If you have selected TCP or UDP for the protocol, you can specify a port
in the Filtered Ports section.
a.
You can select Any, choose a port from the list of well-known ports,
or enter a specific port.
b. To enter a specific port, choose Specified. Then use the pull-down
menu below to select:
–
Equal To—the policy only filters the port that you enter in the
box to the left
–
Range—the policy filters all ports in the range that you specify
–
Greater Than—the policy filters all ports greater than the port
that you specify
–
Not Equal To—the policy filters all ports except the port that you
specify
–
Less Than—the policy filters all ports less than the port that you
specify
18. Click Apply. The policy you created is now listed on the Configure
Policies for Security Zone window.
Configuring NAT
You can configure the following:
Many-to-one NAT—allows multiple devices on the internal network to
share one public IP address as they access the Internet. Many-to-one NAT
is based on the source address.
One-to-one NAT—allows Internet users to access a device on the internal
network. A public IP address is advertised on the Internet, but the device
on the internal network is actually using a private IP address. When the
ProCurve Secure Router receives a packet addressed to the advertised
public IP address, it translates this address to the actual private IP address
that the device is using. One-to-one NAT is based on the destination IP
address.
Configuring Many-to-One NAT
19. To configure many-to-one NAT, use the pull-down menu to select Many:1
NAPT for the Policy Type in the Add New Policy window. Click Continue.
The Add New Policy to Security Zone window is displayed.