Module 3 NAT
27
Check Point Security Check Point Security Administration Administration Module 3: Module 3: Network Address Translation Network Address Translation Authorized Distributor in Vietnam Nguyễn Nguyễn Như Như Bằng Bằng
description
Module 3 NAT
Transcript of Module 3 NAT
-
Ch
eck P
oin
t S
ecu
rity
C
heck P
oin
t S
ecu
rity
A
dm
inis
trati
on
Ad
min
istr
ati
on
Mo
du
le 3
: M
od
ule
3:
Netw
ork
Ad
dre
ss T
ran
sla
tio
nN
etw
ork
Ad
dre
ss T
ran
sla
tio
n
Au
tho
riz
ed
Dis
trib
uto
r in
Vie
tna
m
Ng
uy
n
Ng
uy
n N
h
Nh
B
ng
B
ng
-
Secu
rity
Ad
min
istr
ati
on
Secu
rity
Ad
min
istr
ati
on
Co
urs
e M
ap
Co
urs
e M
ap
Mo
du
le 1
:M
od
ule
1:
VP
NV
PN
--1 N
GX
Arc
hit
ectu
re1 N
GX
Arc
hit
ectu
re
Mo
du
le 2
:M
od
ule
2:
Secu
rity
Po
licy
Secu
rity
Po
licy
Mo
du
le 3
:M
od
ule
3:
Netw
ork
Ad
dre
ss T
ran
sla
tio
nN
etw
ork
Ad
dre
ss T
ran
sla
tio
n
Mo
du
le 4
:M
od
ule
4:
Mo
nit
ori
ng
Mo
nit
ori
ng
Mo
du
le 4
:M
od
ule
4:
Mo
nit
ori
ng
Mo
nit
ori
ng
Mo
du
le 3
: M
od
ule
3:
Dis
aste
r R
eco
very
Dis
aste
r R
eco
very
-
Intr
od
uc
tio
nIn
tro
du
cti
on
Ob
jecti
ves
Ob
jecti
ves
L
ist
the
re
as
on
s a
nd
me
tho
ds
fo
r N
etw
ork
L
ist
the
re
as
on
s a
nd
me
tho
ds
fo
r N
etw
ork
A
dd
res
s T
ran
sla
tio
nA
dd
res
s T
ran
sla
tio
n
D
em
on
str
ate
ho
w t
o s
et
up
Sta
tic
NA
TD
em
on
str
ate
ho
w t
o s
et
up
Sta
tic
NA
T
D
em
on
str
ate
ho
w t
o s
et
up
Dy
na
mic
(H
ide
) D
em
on
str
ate
ho
w t
o s
et
up
Dy
na
mic
(H
ide
)
Ne
two
rk A
dd
res
s T
ran
sla
tio
n (
NA
T)
Ne
two
rk A
dd
res
s T
ran
sla
tio
n (
NA
T)
D
em
on
str
ate
ho
w t
o s
et
up
Dy
na
mic
(H
ide
) D
em
on
str
ate
ho
w t
o s
et
up
Dy
na
mic
(H
ide
) N
AT
NA
T
-
Netw
ork
Ad
dre
ss T
ran
sla
tio
nN
etw
ork
Ad
dre
ss T
ran
sla
tio
n
Wh
at
is N
AT
?W
ha
t is
NA
T?
as a
co
mp
on
en
t o
f V
PN
as a
co
mp
on
en
t o
f V
PN
--1/F
irew
all
1/F
irew
all
--1 it
is
1 it
is
used
fo
r th
ree t
hin
gs :
used
fo
r th
ree t
hin
gs :
to
ma
ke
us
e o
f p
riv
ate
IP
ad
dre
ss
es
on
th
e
to m
ak
e u
se
of
pri
va
te IP
ad
dre
ss
es
on
th
e
inte
rna
l n
etw
ork
inte
rna
l n
etw
ork
inte
rna
l n
etw
ork
inte
rna
l n
etw
ork
to
lim
it e
xte
rna
l n
etw
ork
ac
ce
ss
fo
r s
ec
uri
ty
to lim
it e
xte
rna
l n
etw
ork
ac
ce
ss
fo
r s
ec
uri
ty
rea
so
ns
rea
so
ns
to
giv
e e
as
e a
nd
fle
xib
ilit
y t
o n
etw
ork
to
giv
e e
as
e a
nd
fle
xib
ilit
y t
o n
etw
ork
a
dm
inis
tra
tio
na
dm
inis
tra
tio
n
-
Mo
du
le 3
:M
od
ule
3:
NA
TN
AT IP
Ad
dre
ssin
gIP
Ad
dre
ssin
g
R
FC
19
18
de
tails
th
e r
es
erv
ed
ad
dre
ss
gro
up
sR
FC
19
18
de
tails
th
e r
es
erv
ed
ad
dre
ss
gro
up
s
Cla
ss
A n
etw
ork
nu
mb
ers
C
las
s A
ne
two
rk n
um
be
rs
10.0
.0.0
10.0
.0.0
10.2
55.2
55.2
55
10.2
55.2
55.2
55
10.0
.0.0
10.0
.0.0
10.2
55.2
55.2
55
10.2
55.2
55.2
55
Cla
ss
B n
etw
ork
nu
mb
ers
Cla
ss
B n
etw
ork
nu
mb
ers
172.1
6.0
.0
172.1
6.0
.0
172.3
1.2
55.2
55
172.3
1.2
55.2
55
Cla
ss
C n
etw
ork
nu
mb
ers
Cla
ss
C n
etw
ork
nu
mb
ers
192.1
68.0
.0
192.1
68.0
.0
192.1
68.2
55.2
55
192.1
68.2
55.2
55
-
Mo
du
le 3
Mo
du
le 3
Netw
ork
Secu
rity
Netw
ork
Secu
rity
a
dd
itio
na
l b
en
efi
t o
f N
AT
is
in
cre
as
ed
ne
two
rk
ad
dit
ion
al b
en
efi
t o
f N
AT
is
in
cre
as
ed
ne
two
rk
se
cu
rity
se
cu
rity
inte
rna
l h
os
t c
an
co
nn
ec
t b
oth
in
sid
e a
nd
in
tern
al h
os
t c
an
co
nn
ec
t b
oth
in
sid
e a
nd
o
uts
ide
in
tra
ne
to
uts
ide
in
tra
ne
t
ex
tern
al u
nk
no
wn
ho
st
ou
tsid
e t
he
e
xte
rna
l u
nk
no
wn
ho
st
ou
tsid
e t
he
e
xte
rna
l u
nk
no
wn
ho
st
ou
tsid
e t
he
e
xte
rna
l u
nk
no
wn
ho
st
ou
tsid
e t
he
n
etw
ork
ca
nn
ot
co
nn
ec
t to
in
tern
al h
os
tn
etw
ork
ca
nn
ot
co
nn
ec
t to
in
tern
al h
os
t
ex
tern
al c
on
ne
cti
on
s w
ith
a s
po
ofe
d
ex
tern
al c
on
ne
cti
on
s w
ith
a s
po
ofe
d
inte
rna
l a
dd
res
s w
ill b
e r
ec
og
nis
ed
an
d
inte
rna
l a
dd
res
s w
ill b
e r
ec
og
nis
ed
an
d
pre
ve
nte
d f
rom
ga
inin
g a
cc
es
sp
reve
nte
d f
rom
ga
inin
g a
cc
es
s
inte
rna
l p
ub
lic
se
rve
rs a
re m
ad
e a
va
ila
ble
in
tern
al p
ub
lic
se
rve
rs a
re m
ad
e a
va
ila
ble
w
ith
in
bo
un
d m
ap
pin
g o
f w
ell k
no
w T
CP
w
ith
in
bo
un
d m
ap
pin
g o
f w
ell k
no
w T
CP
p
ort
s t
o s
pe
cif
ic in
tern
al a
dd
res
se
sp
ort
s t
o s
pe
cif
ic in
tern
al a
dd
res
se
s
-
Mo
du
le 3
Mo
du
le 3
Netw
ork
Ad
min
istr
ati
on
Netw
ork
Ad
min
istr
ati
on
V
PN
VP
N--1
/Fir
ew
all
1/F
ire
wa
ll--1
su
pp
ort
s t
wo
ty
pe
s o
f N
AT
1 s
up
po
rts
tw
o t
yp
es
of
NA
T
Sta
tic
NA
TS
tati
c N
AT
Dyn
am
ic (
Hid
e)
NA
TD
yn
am
ic (
Hid
e)
NA
T
Sta
tic N
AT
Sta
tic N
AT
Sta
tic N
AT
Sta
tic N
AT
tr
an
sla
tes e
ac
h p
riv
ate
ad
dre
ss
to
a
tra
ns
late
s e
ac
h p
riv
ate
ad
dre
ss
to
a
co
rre
sp
on
din
g p
ub
lic
ad
dre
ss
co
rre
sp
on
din
g p
ub
lic
ad
dre
ss
tw
o m
od
es
, s
tati
c s
ou
rce
an
d s
tati
c
two
mo
de
s, s
tati
c s
ou
rce
an
d s
tati
c
de
sti
na
tio
nd
es
tin
ati
on
-
Un
ders
tan
din
g D
yn
am
ic (
Hid
e)
NA
TU
nd
ers
tan
din
g D
yn
am
ic (
Hid
e)
NA
T
-
Un
ders
tan
din
g S
tati
c N
AT
Un
ders
tan
din
g S
tati
c N
AT
-
Mo
du
le 3
Mo
du
le 3
Sta
tic S
ou
rce N
AT
Sta
tic S
ou
rce N
AT
tr
an
sla
tes p
riv
ate
in
tern
al s
ou
rce
IP
ad
dre
ss
es
tr
an
sla
tes p
riv
ate
in
tern
al s
ou
rce
IP
ad
dre
ss
es
to a
pu
blic
ex
tern
al s
ou
rce
IP
ad
dre
ss
to a
pu
blic
ex
tern
al s
ou
rce
IP
ad
dre
ss
in
itia
ted
by
in
tern
al c
lie
nts
wit
h p
riv
ate
IP
in
itia
ted
by
in
tern
al c
lie
nts
wit
h p
riv
ate
IP
ad
dre
ss
ad
dre
ss
ad
dre
ss
ad
dre
ss
-
Mo
du
le 3
:M
od
ule
3:
Sta
tic S
ou
rce N
AT
Sta
tic S
ou
rce N
AT
-
Mo
du
le 3
:M
od
ule
3:
Ad
dre
ss T
ran
sla
tio
n U
sin
g S
tati
c S
ou
rce
Ad
dre
ss T
ran
sla
tio
n U
sin
g S
tati
c S
ou
rce
Mo
de
Mo
de
-
Mo
du
le 3
Mo
du
le 3
Sta
tic D
esti
nati
on
NA
TS
tati
c D
esti
nati
on
NA
T
tr
an
sla
tes p
ub
lic
ad
dre
ss
es
to
pri
va
te
tra
ns
late
s p
ub
lic
ad
dre
ss
es
to
pri
va
te
ad
dre
ss
es
ad
dre
ss
es
in
itia
ted
by
ex
tern
al c
lie
nts
init
iate
d b
y e
xte
rna
l c
lie
nts
-
Mo
du
le 3
:M
od
ule
3:
Ad
dre
ss T
ran
sla
tio
n U
sin
g S
tati
c
Ad
dre
ss T
ran
sla
tio
n U
sin
g S
tati
c
Desti
nati
on
Mo
de
Desti
nati
on
Mo
de
-
Mo
du
le 3
:M
od
ule
3:
Ad
dre
ss T
ran
sla
tio
n U
sin
g S
tati
c
Ad
dre
ss T
ran
sla
tio
n U
sin
g S
tati
c
Desti
nati
on
Mo
de
Desti
nati
on
Mo
de
-
Mo
du
le 3
Mo
du
le 3
Dyn
am
ic
(Hid
e)
NA
TD
yn
am
ic
(Hid
e)
NA
T
used
fo
r co
nn
ecti
on
s in
itia
ted
by h
osts
in
u
sed
fo
r co
nn
ecti
on
s in
itia
ted
by h
osts
in
an
in
tern
al n
etw
ork
wh
ere
th
e h
osts
IP
an
in
tern
al n
etw
ork
wh
ere
th
e h
osts
IP
ad
dre
sses a
re p
rivate
ad
dre
sses a
re p
rivate
pri
vate
in
tern
al ad
dre
sses a
re h
idd
en
p
rivate
in
tern
al ad
dre
sses a
re h
idd
en
p
rivate
in
tern
al ad
dre
sses a
re h
idd
en
p
rivate
in
tern
al ad
dre
sses a
re h
idd
en
b
eh
ind
a s
ing
le p
ub
lic e
xte
rnal
ad
dre
ss
beh
ind
a s
ing
le p
ub
lic e
xte
rnal
ad
dre
ss
uses d
yn
am
icall
y a
ssig
ned
po
rt n
um
bers
u
ses d
yn
am
icall
y a
ssig
ned
po
rt n
um
bers
to
dis
tin
gu
ish
betw
een
th
em
to d
isti
ng
uis
h b
etw
een
th
em
-
Mo
du
le 3
:M
od
ule
3:
Dyn
am
ic N
AT
Dyn
am
ic N
AT
-
Mo
du
le 3
Mo
du
le 3
Dyn
am
ic (
Hid
e)
NA
T C
td.
Dyn
am
ic (
Hid
e)
NA
T C
td.
hid
e m
od
e p
ac
ke
ts s
ou
rce
po
rt n
um
be
rs a
re
hid
e m
od
e p
ac
ke
ts s
ou
rce
po
rt n
um
be
rs a
re
mo
dif
ied
mo
dif
ied
de
sti
na
tio
n o
f a
pa
ck
et
is d
ete
rmin
ed
by t
he
po
rt
de
sti
na
tio
n o
f a
pa
ck
et
is d
ete
rmin
ed
by t
he
po
rt
nu
mb
er
nu
mb
er
po
rt n
um
be
rs a
re d
yn
am
ica
lly a
ss
ign
ed
fro
m t
wo
p
ort
nu
mb
ers
are
dyn
am
ica
lly a
ss
ign
ed
fro
m t
wo
p
ort
nu
mb
ers
are
dyn
am
ica
lly a
ss
ign
ed
fro
m t
wo
p
ort
nu
mb
ers
are
dyn
am
ica
lly a
ss
ign
ed
fro
m t
wo
p
oo
ls o
f n
um
be
rs :
po
ols
of
nu
mb
ers
:
fr
om
600 t
o 1
023
fro
m 6
00 t
o 1
023
fr
om
10,0
00 t
o 6
0,0
00
fro
m 1
0,0
00 t
o 6
0,0
00
hid
e m
od
e c
an
no
t b
e u
se
d f
or
pro
toc
ols
wh
ere
h
ide
mo
de
ca
nn
ot
be
us
ed
fo
r p
roto
co
ls w
he
re
the
po
rt n
um
be
r c
an
no
t b
e c
ha
ng
ed
or
wh
ere
th
e
the
po
rt n
um
be
r c
an
no
t b
e c
ha
ng
ed
or
wh
ere
th
e
de
sti
na
tio
n IP
ad
dre
ss
is
re
qu
ire
dd
es
tin
ati
on
IP
ad
dre
ss
is
re
qu
ire
d
-
Mo
du
le 3
:M
od
ule
3:
Hid
e M
od
e A
dd
ress T
ran
sla
tio
nH
ide M
od
e A
dd
ress T
ran
sla
tio
n
-
Mo
du
le 3
Mo
du
le 3
Hid
ing
beh
ind
Gate
way
Hid
ing
beh
ind
Gate
way
a
ll c
lie
nts
will b
e h
idd
en
be
hin
d t
he
fir
ew
alls
a
ll c
lie
nts
will b
e h
idd
en
be
hin
d t
he
fir
ew
alls
s
erv
er
sid
e in
terf
ac
es
erv
er
sid
e in
terf
ac
e
-
Mo
du
le 3
:M
od
ule
3:
Hid
ing
Beh
ind
Gate
way
Hid
ing
Beh
ind
Gate
way
-
Mo
du
le 3
:M
od
ule
3:
Au
tom
ati
c a
nd
Ma
nu
al
NA
T R
ule
sA
uto
ma
tic
an
d M
an
ua
l N
AT
Ru
les
NA
T R
ule
sN
AT
Ru
les
N
AT
ru
les
co
ns
ist
of
two
ele
me
nts
NA
T r
ule
s c
on
sis
t o
f tw
o e
lem
en
ts
the
co
nd
itio
ns
th
at
sp
ec
ify w
he
n t
he
ru
le is
th
e c
on
dit
ion
s t
ha
t s
pe
cif
y w
he
n t
he
ru
le is
to
be
ap
plie
dto
be
ap
plie
dto
be
ap
plie
dto
be
ap
plie
d
the
ac
tio
n t
o b
e t
ak
en
wh
en
th
e r
ule
is
th
e a
cti
on
to
be
ta
ke
n w
he
n t
he
ru
le is
a
pp
lie
da
pp
lie
d
e
ac
h s
ec
tio
n in
th
e N
AT
Ru
le B
as
e E
dit
or
is
ea
ch
se
cti
on
in
th
e N
AT
Ru
le B
as
e E
dit
or
is
div
ide
d in
to S
ou
rce
, D
es
tin
ati
on
an
d S
erv
ice
div
ide
d in
to S
ou
rce
, D
es
tin
ati
on
an
d S
erv
ice
-
Mo
du
le 3
Mo
du
le 3
Au
tom
ati
c a
nd
Ma
nu
al
NA
T R
ule
sA
uto
ma
tic
an
d M
an
ua
l N
AT
Ru
les
NA
T R
ule
sN
AT
Ru
les
th
e a
cti
on
is
alw
ay
s t
he
sa
me
the
ac
tio
n is
alw
ay
s t
he
sa
me
tra
ns
late
so
urc
e u
nd
er
ori
gin
al p
ac
ke
t to
tr
an
sla
te s
ou
rce
un
de
r o
rig
ina
l p
ac
ke
t to
s
ou
rce
un
de
r tr
an
sla
ted
pa
ck
et
so
urc
e u
nd
er
tra
ns
late
d p
ac
ke
ts
ou
rce
un
de
r tr
an
sla
ted
pa
ck
et
so
urc
e u
nd
er
tra
ns
late
d p
ac
ke
t
tra
ns
late
de
sti
na
tio
n u
nd
er
ori
gin
al p
ac
ke
t tr
an
sla
te d
es
tin
ati
on
un
de
r o
rig
ina
l p
ac
ke
t to
de
sti
na
tio
n u
nd
er
tra
ns
late
d p
ac
ke
tto
de
sti
na
tio
n u
nd
er
tra
ns
late
d p
ac
ke
t
tra
ns
late
se
rvic
e u
nd
er
ori
gin
al p
ac
ke
t to
tr
an
sla
te s
erv
ice
un
de
r o
rig
ina
l p
ac
ke
t to
s
erv
ice
un
de
r tr
an
sla
ted
pa
ck
et
se
rvic
e u
nd
er
tra
ns
late
d p
ac
ke
t
-
Mo
du
le 3
Mo
du
le 3
Edit
Obje
cts
pro
per
ties
to e
nab
le A
uto
mat
ic N
AT
-
Mo
du
le 3
Mo
du
le 3
Confi
gure
man
ual
NA
T
Auto
mat
ic N
AT
rule
s ar
e gen
erat
ed b
y G
atew
ay
-
Mo
du
le 3
:M
od
ule
3:
Sta
tic
NA
TS
tati
c N
AT
Hid
e N
AT
Hid
e N
AT
-
Mo
du
le 3
:M
od
ule
3:
Hid
e N
AT
all
ow
s S
mar
tCen
ter
to c
onnec
t th
e In
tern
et
Sta
tic
NA
T a
llow
s W
ebse
rver
to b
e publi
c so
use
rs
outs
ide
can a
cces
s it
