Port forwarding can be used to allow external nodes access to certain services of the internal
network e.g. FTP, WBM.
You configure NAPT in "Layer 3" > "NAT" > "NAPT (Page 139)".
Source NAT
As in masquerading, in source NAT the source address is translated. In addition to this, the
outgoing data packets can be restricted. These include limitation to certain IP addresses or
IP address ranges and limitation to certain interfaces. These rules can also be applied to
VPN connections.
Source NAT can be used if the internal IP addresses cannot or should not be forwarded
externally, for example because a private address range such as 192.168.x.x is used.
You configure source NAT in "Layer 3" > "NAT" > "Source NAT (Page 141)".
NETMAP
With NETMAP it is possible to translate complex subnets to a different subnet. In this
translation, the subnet part of the IP address is changed and the host part remains. For
translation with NETMAP only one rule is required. NETMAP can translate both the source
IP address and the destination IP address. To perform the translation with destination NAT
and source NAT, numerous rules would be necessary. NETMAP can also be applied to VPN
connections.
You configure 1:1 NAT in "Layer 3" > "NAT" > "NETMAP (Page 143)".
See also
NAPT (Page 139)
SCALANCE S615 Web Based Management
Configuration Manual, 05/2015, C79000-G8976-C388-02
Technical basics
2.3 NAT
25