2 static nat (one to one), Static nat (one to one), 2static nat (one to one) – Black Box LR1102A-T1/E1 User Manual

NAT Configuration Examples

87

13.1.2Static NAT (one to one)

Figure 26 Static NAT

In static (one-to-one) NAT type, for each IP address in the corporate network, one NAT IP address will be used. For example,
for the three IP addresses from 10.1.1.1 to 10.1.1.3, there is a set of three NAT IP address from 50.1.1.1 to 50.1.1.3. In case of
one-to-one NAT, only IP address translation takes place, that is, if a packet travels from 10.1.1.1 to yahoo.com, the Black
Box-Firewall only substitutes the source address in the IP header with the NAT IP address. The source port will be the same as
the original.

The static NAT configuration shown in Figure 26 includes:

„

Private network address:10.1.1.1—10.1.1.3

„

Public (NAT) IP address range: 50.1.1.1—50.1.1.3

To create NAT pool with type static, specify the IP address and the ending NAT IP address. Add a policy with source IP
address range and attach NAT pool to the policy.

Blackbox/configure> firewall corp

Blackbox/configure/firewall corp object

Blackbox/configure/firewall corp/object> nat-pool addresspoolStat static 50.1.1.1

50.1.1.3

Blackbox/configure/firewall corp/object> exit

Blackbox/configure/firewall corp> policy 7 out address 10.1.1.1 10.1.1.3 any any

Blackbox/configure/firewall corp/policy 7 out> apply-object nat-pool addresspoolStat

Blackbox/configure/firewall corp/policy 7 out> exit 2

Blackbox/configure>

50.1.1.1-50.1.1.3

OPAL

10.1.1.3

10.1.1.2

10.1.1.1

INTERNET