Configuring the NAT Service
Context
Network Address Translation (NAT) is an address translation technology that translates both the source and destination IP addresses of packets. To allow campus intranet users using private IP addresses to access the Internet, configure NAT.
Plan Example
Device |
Address Pool Name |
IP Address Range |
Health Check |
Other Parameters |
Remarks |
|---|---|---|---|---|---|
FW-a (master device) |
isp1_source |
192.0.2.5-192.0.2.10 |
isp1_health |
Default |
Address pool corresponding to ISP1 |
isp2_source |
198.51.100.5-198.51.100.10 |
isp2_health |
Default |
Address pool corresponding to ISP2 |
Device |
Security Policy Name |
Source Security Zone |
Destination Security Zone |
Other Parameters |
Remarks |
|---|---|---|---|---|---|
FW-a (master device) |
isp_nat |
trust |
untrust |
Default |
Security policy for users to access external networks through NAT |
Device |
NAT Policy Name |
NAT Type |
NAT Mode |
Source Security Zone |
Destination Security Zone |
Source Address Translated To |
Source NAT Address Pool |
Other Parameters |
Remarks |
|---|---|---|---|---|---|---|---|---|---|
FW-a (master device) |
isp1_nat |
NAT |
Source NAT |
trust |
untrust |
Address in the source NAT address pool |
isp1_source |
Default |
Perform NAT on packets destined for ISP1. |
isp2_nat |
NAT |
Source NAT |
trust |
untrust |
Address in the source NAT address pool |
isp2_source |
Default |
Perform NAT on packets destined for ISP2. |
Procedure
- Choose Policy > NAT Policy > NAT Policy > Source Translation Address Pool. In Source Translation Address Pool List, click Add to create a source NAT address pool.
- Choose Policy > Security Policy > Security Policy. In the Security Policy List area, click Add Security Policy to create a security policy.
- Choose Policy > NAT Policy > NAT Policy > NAT Policy. In NAT Policy List, click Add to create a NAT policy.
