Installation guide
Switch Security
6-36
back to the specific internal private class IP address in order to reach the LAN over the switch
managed network.
6. Use the Access List drop-down menu to select the list of addresses used during NAT translation.
These addresses (once translated) will not be exposed to the outside world when the translation
address is used to interact with the remote destination.
7. Use the Interface drop-down menu to select the VLAN used as the communication medium between
the source and destination points within the NAT configuration. Ensure the VLAN selected represents
the intended network traffic within the NAT supported configuration. VLAN1 is available by default.
8. Refer to the Status field for the current state of the requests made from applet. This field displays
error messages if something goes wrong in the transaction between the applet and the switch.
9. Click OK to use the changes to the running configuration and close the dialog.
10. Click Cancel to close the dialog without committing updates to the running configuration.
6.6.2 Defining Static NAT Translations
Static NAT creates a permanent, one-to-one mapping between an address on an internal network and a
perimeter or external network. To share a Web server on a perimeter interface with the Internet, use static
address translation to map the actual address to a registered IP address. Static address translation hides the
actual address of the server from users on insecure interfaces. Casual access by unauthorized users becomes
much more difficult. Static NAT requires a dedicated address on the outside network for each host.
Refer to the NAT screen’s Static Translation tab to view existing static NAT configurations available to
switch.
To view and add/edit a dynamic NAT configuration:
1. Select Security > NAT from the main menu tree.
2. Click on the Static Translation tab.