Configuration | Policy Management | Traffic Management | NAT
This section of the Manager lets you configure and enable NAT (Network Address Translation). NAT
translates private network addresses into an IANA-assigned public network address, and vice versa, and
thus allows traffic routing between the networks.
The VPN Concentrator provides many-to-one translation; that is, it translates many private network
addresses to the single address configured on the public network interface.
Since tunneling functions already provide NAT-like translation for tunneled data traffic, the NAT
functions here provide translation for other (nontunneled) data traffic routed through the VPN
Concentrator.
To use NAT, we recommend that you first configure NAT rules, then enable the function. Before you can
configure NAT rules, however, you must assign an IP address to a public interface on the VPN
Concentrator; see Configuration | Interfaces .
NAT examines and applies rules in this order:
• FTP Proxy rules
• Map TCP , Map TCP/UDP , and Map UDP rules
• No Port Mapping rules
See Configuration | Policy Management | Traffic Management | NAT | Rules | Add for descriptions of the rules.
You can change NAT rules while NAT is enabled. Doing so will affect subsequent sessions, but not
current sessions.
Figure 13-18: Configuration | Policy Management | Traffic Management | NAT screen
VPN 3000 Concentrator Series User Guide
Configuration | Policy Management | Traffic Management | NAT
13-39