1:1 NAT: Difference between revisions

From Edge Threat Management Wiki - Arista
Jump to navigationJump to search
(Created page with "1:1 NAT This section will help you set up 1:1 NAT. What is 1:1 NAT 1:1 NAT (Network Address Translation) is a mode of NAT that maps one internal address to one external addre...")
 
No edit summary
 
Line 1: Line 1:
1:1 NAT
== 1:1 NAT ==
This section will help you set up 1:1 NAT.
This section will help you set up 1:1 NAT.


What is 1:1 NAT
=== What is 1:1 NAT ===
1:1 NAT (Network Address Translation) is a mode of NAT that maps one internal address to one external address. For example, if a network has an internal servers at 192.168.1.10, 1:1 NAT can map 192.168.1.10 to 1.2.3.4 where 1.2.3.4 is an additional external IP address provided by your ISP.
1:1 NAT (Network Address Translation) is a mode of NAT that maps one internal address to one external address. For example, if a network has an internal servers at 192.168.1.10, 1:1 NAT can map 192.168.1.10 to 1.2.3.4 where 1.2.3.4 is an additional external IP address provided by your ISP.




How do I setup 1:1 NAT?
=== How do I setup 1:1 NAT? ===
You need to do three things: first, setup an external IP Address Alias; second, map inbound traffic destined for the external address so it is redirected to the correct internal machine; third, map outbound traffic from the internal machine out the correct external address. In this example, we'll assume you're trying to setup 1:1 NAT for 192.168.1.10 to 1.2.3.4 - you will need to be in advanced mode to configure 1:1 NAT.
You need to do three things: first, setup an external IP Address Alias; second, map inbound traffic destined for the external address so it is redirected to the correct internal machine; third, map outbound traffic from the internal machine out the correct external address. In this example, we'll assume you're trying to setup 1:1 NAT for 192.168.1.10 to 1.2.3.4 - you will need to be in advanced mode to configure 1:1 NAT.


Create an IP Address Alias on the WAN interface for 1.2.3.4 with the appropriate netmask provided by your ISP and save it.
Create an IP Address Alias on the WAN interface for 1.2.3.4 with the appropriate netmask provided by your ISP and save it.
Line 23: Line 22:
Once this is configured and saved, your 1:1 NAT setup is complete.
Once this is configured and saved, your 1:1 NAT setup is complete.


How do I verify 1:1 NAT is working?
=== How do I verify 1:1 NAT is working? ===
You can check outbound traffic by going to your internal server and visiting whatismyip.com. You can check inbound traffic by testing your port forward. For example, if your internal server is running a web server then visit http://1.2.3.4/ from outside the network - it should load the web server on 192.168.1.10.
You can check outbound traffic by going to your internal server and visiting whatismyip.com. You can check inbound traffic by testing your port forward. For example, if your internal server is running a web server then visit http://1.2.3.4/ from outside the network - it should load the web server on 192.168.1.10.

Latest revision as of 21:00, 9 September 2022

1:1 NAT

This section will help you set up 1:1 NAT.

What is 1:1 NAT

1:1 NAT (Network Address Translation) is a mode of NAT that maps one internal address to one external address. For example, if a network has an internal servers at 192.168.1.10, 1:1 NAT can map 192.168.1.10 to 1.2.3.4 where 1.2.3.4 is an additional external IP address provided by your ISP.


How do I setup 1:1 NAT?

You need to do three things: first, setup an external IP Address Alias; second, map inbound traffic destined for the external address so it is redirected to the correct internal machine; third, map outbound traffic from the internal machine out the correct external address. In this example, we'll assume you're trying to setup 1:1 NAT for 192.168.1.10 to 1.2.3.4 - you will need to be in advanced mode to configure 1:1 NAT.

Create an IP Address Alias on the WAN interface for 1.2.3.4 with the appropriate netmask provided by your ISP and save it. This can be done at Config > Network > Interfaces on the specific interface and tells Untangle to take ownership of that IP.

Create a port forward for inbound sessions and save it. This rule will cause all inbound sessions destined for 1.2.3.4 to be forwarded to 192.168.1.10: Destination Address: 1.2.3.4 New Destination: 192.168.1.10

Create a nat rule for outbound sessions - this causes all outbound sessions from 192.168.1.10 to be NATd to 1.2.3.4. This is done at Config > Network > NAT Rules: Source Address: 192.168.1.10 NAT Type: Custom New Source: 1.2.3.4 Once this is configured and saved, your 1:1 NAT setup is complete.

How do I verify 1:1 NAT is working?

You can check outbound traffic by going to your internal server and visiting whatismyip.com. You can check inbound traffic by testing your port forward. For example, if your internal server is running a web server then visit http://1.2.3.4/ from outside the network - it should load the web server on 192.168.1.10.