2 using nat, 1 sua (single user account) versus nat, Table 121 nat mapping types – ZyXEL Communications 5 Series User Manual

ZyWALL 5/35/70 Series User’s Guide

Chapter 21 Network Address Translation (NAT)

399

• Server: This type allows you to specify inside servers of different services behind the

NAT to be accessible to the outside world although, it is highly recommended that you
use the DMZ port for these servers instead.

Note: Port numbers do not change for One-to-One and Many-One-to-One NAT

mapping types.

The following table summarizes the NAT mapping types.

21.2 Using NAT

Note: You must create a firewall rule in addition to setting up SUA/NAT, to allow

traffic from the WAN to be forwarded through the ZyWALL.

21.2.1 SUA (Single User Account) Versus NAT

SUA (Single User Account) is a ZyNOS implementation of a subset of NAT that supports two
types of mapping, Many-to-One and Server. The ZyWALL also supports Full Feature NAT
to map multiple global IP addresses to multiple private LAN IP addresses of clients or servers
using mapping types. Select either SUA or Full Feature in NAT Overview.

Selecting SUA means (latent) multiple WAN-to-LAN and WAN-to-DMZ address translation.
That means that computers on your DMZ with public IP addresses will still have to undergo
NAT mapping if you’re using SUA NAT mapping. If this is not your intention, then select
Full Feature NAT and don’t configure NAT mapping rules to those computers with public
IP addresses on the DMZ.

Table 121 NAT Mapping Types

TYPE

IP MAPPING

SMT ABBREVIATION

One-to-One

ILA1

ÅÆ IGA1

1-1

Many-to-One (SUA/PAT)

ILA1

ÅÆ IGA1

ILA2

ÅÆ IGA1

…

M-1

Many-to-Many Overload

ILA1

ÅÆ IGA1

ILA2

ÅÆ IGA2

ILA3

ÅÆ IGA1

ILA4

ÅÆ IGA2

…

M-M Ov

Many-One-to-One

ILA1

ÅÆ IGA1

ILA2

ÅÆ IGA2

ILA3

ÅÆ IGA3

…

M-1-1

Server

Server 1 IP

ÅÆ IGA1

Server 2 IP

ÅÆ IGA1

Server 3 IP

ÅÆ IGA1

Server