Support User Manuals

SonicWALL 3 Home Security System User Manual

Open as PDF

of 348

82

SONICWALL SONICOS STANDARD 3.0 ADMINISTRATOR’S GUIDE

C

HAPTER

10:

Configuring One-to-One NAT

4

Enter the beginning IP address of the valid address range being mapped in the Public Range

Begin field. This address should be assigned by your ISP and be in the same logical subnet as the

NAT public IP address.

S

Alert: Do not include the SonicWALL security appliance WAN IP (NAT Public) Address or the WAN

Gateway (Router) Address in this range.

5

Enter the number of public IP addresses that should be mapped to private addresses in the Range

Length field. The range length can not exceed the number of valid IP addresses. Up to 64 ranges

can be added. To map a single address, enter a Range Length of 1.

6

Click OK.

7

Click Apply. Once the SonicWALL security appliance has been updated, a message confirming

the update is displayed at the bottom of the browser window.

S

Alert: One-to-One NAT maps valid, public IP addresses to private LAN or OPT IP addresses. It does

not allow traffic from the Internet to the private LAN.

9

Tip: After One-to-One NAT is configured, create an Allow rule to permit traffic from the Internet to the

private IP address(es) on the LAN or OPT.

To edit an existing entry in the One-to-One Network Address Translation (NAT) Ranges, click the edit

icon. To delete an entry, click the delete icon. To delete all entries, click Delete All.

One-to-One NAT Configuration Example

This example assumes that you have a SonicWALL security appliance running in the NAT-enabled

mode, with IP addresses on the LAN in the range 192.168.1.1 - 192.168.1.254, and a WAN IP

address of 208.1.2.2. Also, you own the IP addresses in the range 208.1.2.1 - 208.1.2.6.

S

Alert: If you have only one IP address from your ISP, you cannot use One-to-One NAT.

You have three web servers on the LAN with the IP addresses of 192.168.1.10, 192.168.1.11, and

192.168.1.12. Each of the servers must have a default gateway pointing to 192.168.1.1, the

SonicWALL security appliance LAN IP address.

You also have three additional IP addresses from your ISP, 208.1.2.4, 208.1.2.5, and 208.1.2.6, that

you want to use for three additional web servers. Use the following steps to configure One-to-One

NAT:

1

Select Enable One-to-One NAT.

2

Click Add. The Add NAT Entry window is displayed

3

Enter in the IP address, 192.168.1.10, in the Private Range Begin field.

4

Enter in the IP address, 208.1.2.4, in the Public Range Begin field.

5

Enter in 3 in the Range Length field.

9

Tip: You can configure the IP addresses individually, but it is easier to configure them in a range.

However, the IP addresses on both the private and public sides must be consecutive to configure a

range of addresses.

6

Click OK.

7

Click Apply.

8

Click Firewall, then Access Rules.

9

Click Add.

previous next