737Programming Operations GuideChapter 37Configuring NAT (Network Address Translation)Business Communications Manager provides security and firewall features to protect your privatedata resources from outsiders.This section includes information about the different types of NAT, as well as:• “Enabling and disabling NAT” on page 738• “Configuring an Interface with NAT” on page 739The Network Address Translation feature is a network security feature. NAT translates the IPaddresses used within your private network to different IP addresses known to Internet usersoutside your private network. NAT helps ensure network security because each outgoing orincoming request must go through a translation process that also provides the opportunity toqualify or authenticate the request or match it to a previous request. NAT also translates portnumbers.NAT is defined by creating a set of rules and then defining the order in which these rules areevaluated.Business Communications Manager supports both static and dynamic NAT for a number of packettypes and protocols:Static NATStatic NAT is the one-to-one mapping of an IP address on your private network to an IP addressfrom outside your network. Inbound rules must have external IP addresses mapped to specificinternal IP addresses.Dynamic NATDynamic NAT is the mapping between a private network and the outside network, of one addressto a pool of addresses, a pool of addresses to one address or a pool of addresses to another. Themappings are made in a translation table and remain there until the table is cleared or until an entrytimes out.NAT Support for: TypePackets (static anddynamic)TCP, UDP, IPProtocols H.323, FTP, HTTP, POP3, Telnet, SMTP, DNS, TFTP, GOPHER, FINGER, NNTP, RPC,SUNNFS and SNMPNote: When using an inbound translation, be sure that all private addresses belong to theexisting systems.
