Questo sito utilizza cookie di profilazione (propri e di terze parti) per ottimizzare la tua esperienza online e per inviarti pubblicità in linea con le tue preferenze. Continuando a utilizzare questo sito senza modificare le tue preferenze acconsenti all’uso dei cookie. Se vuoi saperne di più o negare il consenso a tutti o ad alcuni cookie clicca qui>
The website that you are visiting also provides Arabian language. Do you wish to switch language version?
يوفر موقع الويب الذي تزوره المحتوى باللغة العربية أيضًا. هل ترغب في تبديل إصدار اللغة؟
The website that you are visiting also provides Russia language Do you wish to switch language version?
Данный сайт есть в английской версии. Желаете ли Вы перейти на английскую версию?
When Configuring the Bi-direction NAT (both Source and Destination were changed inside the Firewall) ,what is the right sequence to process the packets inside the firewall ,it is related to 4 processes .
1.Destination NAT .
The NAT process is as follows:
1. The NGFW receives a packet from a user and searches for a server-map entry that is generated using the static mapping function:
a.If a match is found, the NGFW translates the destination address based on the entry and performs 3.
b.If no match is found, the NGFW performs 2.
2.The NGFW searches for a destination NAT entry.
a.If a match is found, the NGFW forwards the packet based on the entry.
b.If no match is found, the NGFW performs 3.
3. The NGFW searches the routing information, including policy-based routing data, to obtain a route for the packet.
a.If a matching route is found, the NGFW performs 4.
b.If no matching route is found, the NGFW discards the packet.
4. The NGFW checks the packet against security policies.
a.If the packet matches a security policy and the policy allows the packet to pass through, the NGFW performs 5.
b.If the packet matches a security policy but the policy does not allow the packet to pass through, or the packet does not match any security policy, the NGFW discards the packet.
5. The NGFW searches for a source NAT entry.
a.If the packet matches the source NAT entry, the NGFW translates the source address from a private address into a public address and creates a session for the user.
b.If the packet does not match the source NAT entry, the NGFW directly creates a session for the user.
6. The NGFW sends the packet based on the session information.