User manual
LinkMAX
HSA300 User Manual
67
apply to accesses to the specified server type at the
specified IP address or network.
7. Follow steps 7-12 under "The napt rule" on page 61 to
submit your changes.
The bimap rule: Performing two-way translations
Unlike the other NAT flavors, the bimap flavor performs address
translations in both the outgoing and incoming directions.
In the incoming direction, when the specified HSA300 interface
receives a packet with your public IP address as the destination
address, this address is translated to the private IP address of a
computer on your LAN. To the external computer, it appears as if
the access is being made to the public IP address, when, in fact, it
is communicating with a LAN computer.
In the outgoing direction, the private source IP address in a data
packet is translated to the LAN’s public IP address. To the rest of
the Internet, it appears as if the data packet originated from the
public IP address.
Bimap rules can be used to provide external access to a LAN
device. They do not provide the same level of security as rdr rules,
because rdr rules also reroute incoming packets based on the port
ID. Bimap rules do not account for the port number, and therefore
allow external access regardless of the destination port type
specified in the incoming packet.
Figure 34 shows the fields used to establish a bimap rule.
Figure 34. NAT Rule – Add Page (bimap Flavor)
Follow these instructions to add a bimap rule (see steps 1-4 under
"The napt rule" on page 61 for specific instructions corresponding to
steps 1 and 2 below):
1. Display the NAT Rule – Add Page, select
BIMAP
as the
Rule Flavor, and enter a Rule ID.
2. Select the interface on which this rule will be effective.
3. In the Local Address field, type the private IP address of the
computer to which you are granting external access.