HP (Hewlett-Packard) MSM7XX Switch User Manual


  Open as PDF
of 434
 
Network configuration
Network address translation (NAT)
6. To support the FTP server, create two additional mappings with the following values:
Set Standard Services to ftp-data (TCP 20) and set IP address to 192.168.1.3.
Set Standard Services to ftp-control (TCP 21) and set IP address to
192.168.1.3.
The NAT mappings table should now show all three mappings:
VPN One-to-one NAT
This feature can only be used with authenticated, access-controlled users. It is only
supported when a static IP address is assigned to the Internet port. (It is configured by
selecting Network > Ports > Internet port > Static > Additional IP addresses.)
When this feature is enabled, the service controller can assign a unique IP address to each
IPSec or PPTP VPN connection made by a user to a remote server via the Internet port.
Addresses are assigned as defined in the Address pool.
To reduce the number of addresses that need to be defined, the service controller will use the
same address for multiple users as long as they are establishing a connection with different
VPN servers.
Use this feature when all of the following conditions are true:
Users intend to make IPSec or PPTP VPN connections with a remote site via the service
controller Internet port.
NAT is enabled on the service controller.
In its default configuration, NAT translates all IP address on the local network to a single
public IP address: the address assigned to the service controller Internet port. As a result,
all user sessions to an external resource appear to originate from the same IP address.
This can cause a problem with remote VPN servers that require a unique IP address for
each user session.
The remote VPN server requires that each user have a unique IP address.
Assigning addresses to client stations
To make use of this feature, each user account must have the VPN one-to-one NAT option
enabled.
If using the local user accounts (defined on the Service controller >> Users menu),
enable VPN one-to-one NAT in the account profile that is assigned to the user.
10-26
 previous next