Transparent mode scenarios, Transparent mode scenario 1, Setting up transparent mode for scenario 1 – Amer Networks E5Web GUI User Manual

Clavister Security Gateway is acting like a level 2 switch and address translation is done at the
higher IP OSI layer.

The other consequence of not using NAT is that IP addresses of users accessing the Internet
usually need to be public IPv4 addresses.

If NATing needs to be performed in the example above to hide individual addresses from the
Internet, it would have to be done by a device (possibly another Clavister Security Gateway)
between the 192.168.10.0/24 network and the public Internet. In this case, internal, private IPv4
addresses could be used by the users on Ethernet network pn2.

4.8.3. Transparent Mode Scenarios

Scenario 1

The security gateway in transparent mode is placed between an Internet access router and the
internal network. The router is used to share the Internet connection with a single public IPv4
address. The internal NATed network behind the security gateway is in the 10.0.0.0/24 address
space. Clients on the internal network are allowed to access the Internet via the HTTP protocol.

Figure 4.26. Transparent Mode Scenario 1

Example 4.20. Setting up Transparent Mode for Scenario 1

Command-Line Interface

Configure the wan interface:

Device:/> set Interface Ethernet wan

IP=10.0.0.1
Network=10.0.0.0/24
DefaultGateway=10.0.0.1
AutoSwitchRoute=Yes

Configure the lan interface:

Device:/> set Interface Ethernet lan

IP=10.0.0.2

Chapter 4: Routing

347