The firewall will allow all IP-based traffic unless restricted by access lists, authentication, or authorization.
One or more of the following commands are required:
- nat, nat 0, global, static
Less Secure to a More Secure interface
Is designated as inbound traffic.
Outside to Inside connections.
Inbound permission is required.
The firewall will drop all packets unless specifically allowed in the access-list that is applied on the
arriving interface. Further restrictions apply if authentication and authorization are used.
One or more of the following commands are required:
- nat 0 with ACL, static and inbound access-list on the ingress interface.
NAT Types
Several types of NAT are available. The Security Appliance can be configured to perform any of the following
types:
Dynamic NAT
Dynamic Port Address Translation (PAT)
Static NAT
Static PAT
Dynamic NAT
Dynamic NAT translates a group of real (private) addresses to public IP addresses drawn from a pool of
registered (public) addresses that are routable on the destination network. When a host initiates a connection to
a particular destination, the Security Appliance translates the host source address to the corresponding NAT rule
from the mapped pool.
Pages:
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298