Setting up network address translation
To set up the SafeLinx Server to act as an agent between a public network and a private network and perform network address translation, add a network address translator (NAT).
A NAT defines a range of unique IP addresses, then randomly assigns an originating packet to a port number (1024 through 65535). The NAT maintains the mapping of the packet to the port number in a translation table during a TCP session or until a timeout occurs for a TCP session or a UDP connection.
- SafeLinx Client IP address = 34.34.130.3
- NAT using single IP address = 48.48.130.9
- HTTP server IP address = 129.42.16.99
The HTTP request packet from the SafeLinx Client has a source address and port pair of
34.34.130.3@32771
and a destination address and port pair of
129.42.16.99@80
When the packet reaches the NAT, the NAT reassigns the source address
to its own IP address and assigns a random port number. The NAT sends
the packet to the HTTP server with a source address and port pair
of 48.48.130.9@6022
and the destination address and
port pair remains 129.42.16.99@80
When the page is retrieved, the HTTP server responds with a packet,
which has a source address and port pair of 129.42.16.99@80
The destination address and port pair from the HTTP server is 48.48.130.9@6022
The NAT receives the packet and maps the destination address and port back to the SafeLinx Client
at 34.34.130.3@32771
- A descriptive name
- The IP addresses that identify the NAT addresses. When more than one address is specified, the IP addresses are assigned in a continuously repeating round-robin fashion.
- The amount of time in minutes of inactivity that determines a TCP and UDP session timeout
- The source and destination packet data addressing information that filters whether the NAT should process a packet. If you do not specify any source or destination addresses, the NAT applies to the all traffic connected through the MNI.
- A packet mapping group if you want to add the NAT to a group. Make sure to create a packet mapping group first, then add the NAT to it.
- Right-click the MNI to which you want to assign the NAT and select Properties.
- Click the Security tab of the MNI
- Select the NAT or packet mapping group and click OK or Apply.