If you only have one registered IP address (A) and you want to have all inbound traffic go to A, go to your Screen and have all other hosts use that address (A) for unidirectional, outbound traffic. Then set up NAT as shown in the table below.
Table 7-4 Example of a One-Address NAT Table Entry
Index |
Screen |
TYPE |
Source |
Destination |
Translated Source |
Translated Destination |
Comment |
---|---|---|---|---|---|---|---|
1 |
|
STATIC |
* |
A |
* |
A |
|
2 |
|
DYNAMIC |
Inside |
Internet |
A |
Internet |
|
Internet is all addresses on inbound interface A; and Inside is all internal hosts on all other interfaces. With only these NAT rules, all hosts in the Inside communicate with their private, unregistered addresses when communicating with the Screen or among themselves.
Write your filtering rules in the context of the internal addresses.