NAT
To hide IP addresses located behind one interface for a network behind another interface, turn on NAT (Network Address Translation, also known as masquerading) for that interface or only for that network.
NAT makes it more difficult to access the computers on a network directly from another network. For example, internal networks can be hidden from external networks such as the Internet. To access computers (e.g. a web server) you need a relay. See appendix A, IP Firewall in Ingate Firewall, for more information on how NAT and relays work.
If a network with private IP addresses is connected to eth0, traffic from these addresses must be NAT:ed when sent out to the Internet. You can also select to NAT traffic bound to a specific network behind the destination interface.
No.
This is a number that is used to identify each individual NAT rule. Rules are sorted in numerical order. To move a rule to a certain row, enter the number on the row to which you want to move it. You need only renumber rules that you want to move; other rules are renumbered automatically. When you click on Save, the rules are re-sorted. The order of the rules is important. Rules are used in the order in which they are displayed in the table; rule number 1 is first.
From
Select the interface and network from which traffic should originate if it should be NATed. If the network is omitted, all traffic from this interface will be NATed when sent to the destination under To.
Interface
Select the interface from which traffic should originate to be NATed.
Network
Enter the DNS name or network address for the network to be NAT:ed. If the network is omitted, all traffic from any computer connected to this interface will be NATed when sent to the destination under To.
Under Netmask, enter the netmask for the network to be NAT:ed.
To
Select the interface and network to which traffic should be destined if it should be NATed. If the network is omitted, all traffic to this interface will be NATed when originating from the network specified under From.
Interface
Select the interface behind which the destination network is located.
Network
Enter the DNS name or network address for the destination network. If no network is entered, all traffic to this interface will be NATed when originating from the network specified under From.
Under Netmask, enter the netmask for the destination network.
NAT as
You can select the IP address to be used when traffic is NAT:ed. Select from the IP addresses given to the firewall under Directly connected networks and Alias for the destination interface. If no IP address is selected, the firewall selects one at random.
Save
Saves all NAT configuration to the preliminary configuration.
Undo
Clears and resets all fields in new rows and resets changes in old rows.