Filter
Top Products
Chapter 23 IPSec VPN
ZyWALL USG 50 User’s Guide
409
• Destination - the original destination address; the remote network (B).
• SNAT - the translated source address; the local network (A).
Source Address in Inbound Packets (Inbound Traffic, Source NAT)
You can set up this translation if you want to change the source address of
computers in the remote network. To set up this NAT, you have to specify the
following information:
• Source - the original source address; the remote network (B).
• Destination - the original destination address; the local network (A).
• SNAT - the translated source address; a different IP address (range of
addresses) to hide the original source address.
Destination Address in Inbound Packets (Inbound Traffic, Destination
NAT)
You can set up this translation if you want the ZyWALL to forward some packets
from the remote network to a specific computer in the local network. For example,
in Figure 239 on page 408, you can configure this kind of translation if you want to
forward mail from the remote network to the mail server in the local network (A).
You have to specify one or more rules when you set up this kind of NAT. The
ZyWALL checks these rules similar to the way it checks rules for a firewall. The
first part of these rules define the conditions in which the rule apply.
• Original IP - the original destination address; the remote network (B).
• Protocol - the protocol [TCP, UDP, or both] used by the service requesting the
connection.
• Original Port - the original destination port or range of destination ports; in
Figure 239 on page 408, it might be port 25 for SMTP.
The second part of these rules controls the translation when the condition is
satisfied.
• Mapped IP - the translated destination address; in Figure 239 on page 408, the
IP address of the mail server in the local network (A).
• Mapped Port - the translated destination port or range of destination ports.
The original port range and the mapped port range must be the same size.