Accessing the internet from private networks – Avaya 3.7 User Manual
Page 89
Using Device tabs to configure the security gateway
Issue 4 May 2005
89
●
Provide support for multi-gateway network configurations. Address mapping can be
used to ensure that request and reply packets enter and exit the network through the same
security gateway.
Accessing the Internet from private networks
shows an example of using NAT to allow hosts on a private non-routable or
non-registered network to access the Internet.
Figure 28: Access the Internet from private Networks
The above example can be used for the following three applications described in the previous
section,
:
●
Allow access to the Internet from private networks
●
Provide support for more hosts with fewer public addresses
●
Hide host addresses for security reasons
This configuration allows up to 254 private addresses from the 10.0.0.0/8 network to be
dynamically mapped to public addresses from the N
1
.N
2
.N
3
.0/24 network.
Each NAT mapping is assigned to an interface. The rules for applying address translations to a
packet entering or leaving an interface are:
●
When a packet is routed out on an interface (away from the security gateway), the source
address of the packet is modified.
●
Conversely, when a packet comes in on an interface (toward the security gateway), the
destination address of the packet is modified.