One-to-One Translations
Use static NAT rules to make one-to-one translations between either a single pair or multiple pairs of addresses. Most commonly, static NAT rules are used to translate an advertised address for a public server to a different address.
A static NAT rule translates either the source or destination addresses in a packet. In most cases, this means that you will need to define two NAT rules to:
-
Translate the source address when the packet is flowing in one direction.
-
Translate the destination address when packets are flowing in the other direction.
As an example of static NAT rules in one-to-one translation, assume that your public web server has an address of 10.0.0.1 (defined by the address object "private_www") and you want to allow access to this web server through the public address 199.190.177.1 (defined by the address object "public_www"). Assume also that the address Internet represents Internet addresses. To do this requires two static NAT rules, as shown in the table below
-
The first rule specifies that the destination address public_www (199.190.177.1) is the translated destination address private_www (10.0.0.1). This NAT rule handles packets flowing to the web server.
-
The second rule specifies that the source address private_www (10.0.0.1) is the translated source address public_www (199.190.177.1). This NAT rule handles packets flowing from the web server.
Table 7-1 Static NAT RulesType of NAT Rule
Source
Destination
Translated Source
Translated Destination
Comment
STATIC
"Internet"
"public_www"
"Internet"
"private_www"
Packets to server
STATIC
"private_www"
"Internet"
"public_www"
"Internet"
Packets from server
- © 2010, Oracle Corporation and/or its affiliates