Owner's Manual
426
Click one of the
Available
applications or application sets, and click the right arrow (>) to
move it to the
Selected
panel. You can also use the up/down arrows below the
Selected
panel
to reorder selected items.
Action tab
This tab lets you configure an action once this term’s match criteria are met.
Figure 13-7. Firewall Rule Term Actions.
- Potential actions on the pick list in this tab include the following:
-
Accept
—Packet is accepted and sent to its destination
-
Discard
—Packet is not accepted and is not processed further.
-
Reject
—Packet is not accepted, and a rejection message returns.
-
Syslog
—Check this if you want to log the property’s action.
The
Configure
button at the bottom of these screens executes the desired configuration on the
selected equipment.Click the
Refresh
button to re-query for these items.
Network Address Translation (NAT)
Network Address Translation (NAT) is a mechanism for concealing a set of host addresses on a
private network behind a pool of public addresses. This can be a security measure to protect the
host addresses from direct targeting in network attacks. Network address port translation (NAPT) is
supported for source addresses.
This device driver also supports NAT as a group operation. Consult NAT Rules on page 427 for a
description of the fields in the group operations screen.
The AS PIC interfaces support the following types of NAT processing:
-
Static-source
NAT hides a private network without using NAPT.
-
Dynamic-source
NAT hides a private network using NAPT.
-
Static-destination
NAT makes selected private servers accessible.
NAT Pools
NAT Pools define the address(es) and port(s) used for network address translation.