advertisement
Using Novell Security Manager
4.3.5.2. Masquerading
Masquerading is a special case of
SNAT, which allows you to associate many internal (private) addresses with one external (public) address. This allows you to hide internal IP addresses and network information from the outside network.
The differences between Masquerading and SNAT are:
• Masquerading requires a source network. It will automatically include all services (ports) on that network.
• The translation only occurs when the packet is sent via the supplied network card. The new source address will be that of the interface.
Masquerading is intended to hide privately addressed LANs behind one official (public) Internet address.
Defining Masquerading rules:
To define masquerading rules, select which network should masquerade as which network card. Normally, the external network card is used.
Note:
In order for clients from the defined network to build a connection to the
Internet, the appropriate rules must be entered in the Packet Filter/
Rules menu.
More information on setting packet filter rules can be found in chapter 4.5
on page 152.
1. In the Network tab, open the NAT/Masquerading menu.
2. In the Name field, enter a descriptive name for this Masquerading
Rule.
3. Use the Rule Type drop-down menu to select Masquerading.
A window named Properties will open.
4. Use the Network drop-down menu to select a network.
5. Use the Interface drop-down menu to select an interface.
6. Save the settings by clicking Add.
After a masquerading rule has been defined and added, it will appear in the
NAT Rules table. The further functions in the NAT table can now be used for further customization.
126
advertisement
