Amer Networks E5Web GUI User Manual

Service=http-all
Action=Allow
SourceAction=NAT

The NATAction option could be left out since the default value is to use the interface address. The
alternative is to specify UseSenderAddress and use the NATSenderAddress option to specify the IP
address to use. The sender address will also need to be explicitly ARP published on the interface.

InControl

Follow the same steps used for the Web Interface below.

Web Interface

1.

Go to: Policies > Add > IPPolicy

2.

Specify a suitable name for the rule, for example NAT_HTTP

3.

Now enter:

•

Action: NAT

•

Source Interface: lan

•

Source Network: lan_net

•

Destination Interface: wan

•

Destination Network: all-nets

•

Service: http

4.

Select Address Translation, enable NAT and close the dialog

5.

Click OK

Logging is enabled by default.

Protocols Handled by NAT

Dynamic address translation is able to deal with the TCP, UDP and ICMP protocols with a good
level of functionality since the algorithm knows which values can be adjusted to become unique
in the three protocols. For other IP level protocols, unique connections are identified by their
sender addresses, destination addresses and protocol numbers.

This means that:

•

An internal machine can communicate with several external servers using the same IP
protocol.

•

An internal machine can communicate with several external servers using different IP
protocols.

•

Several internal machines can communicate with different external servers using the same IP
protocol.

•

Several internal machines can communicate with the same server using different IP
protocols.

Chapter 7: Address Translation

495