How to realize domain NAT in the configuration base on ZONE

Publication Date:  2012-11-02 Views:  122 Downloads:  0
Issue Description
The user environment is double export which respectively is telecom and China netcom, internal have a server providing services to outside, to achieve the same internal server mapping two public network addresses, so configured NATSERVER based on the ZONE, but the user at the same time to realize the internal user through the domain name visit internal server, after configured NAT in completed domain, found can’t through the domain name access to the server.
Alarm Information
None.
Handling Process
Based on the above command behavior analysis, if you want to achieve internal user through the domain name visit internal server, we only need to configure a NATSERVER command based on ZONE, the parameters of the behind ZONE region use internal user area can realize the demand.
Root Cause
Observe firewall session table item, it can be found that the message the internal user access server didn’t in accordance with the expected for domain NAT conversion, but directly translated according to the configured domain NAT and then be sent to external network directly according to the routing. Carefully analysis the command which is configured based on ZONE found that after configured ZONE parameters only the message accessed from the ZONE area which we configured can access to the server mapped GLOBAL address.
Suggestions
The use of many commands will produce some special limit, so we need to carefully read equipment operation manual, detailed understanding the specific usage and meaning of every command.

END