Thread: Are manual static NAT rules stateful in NG R55 AI?
View Single Post
  #2 (permalink)  
Old 2006-09-20
RobertGraham RobertGraham is offline
Senior Member
  
Join Date: 2006-02-02
Posts: 204
Rep Power: 3
RobertGraham has an average reputation (10+)
Send a message via MSN to RobertGraham Send a message via Yahoo to RobertGraham
Default Re: Are manual static NAT rules stateful in NG R55 AI?
Rules are always viewed from the point of connection initiation. That is,

A -> B XLATE C -> B

means that whenever A opens a connection to B the addr will be xlated. The packet on the return will also be xlated since the technology is stateful. This is what you are seeing.

However, if B wants to initiate a connection to C and have the packet end up at A, the rule above isn't sufficient. As long as the mail server doesn't need to initiate a connection to this other network - you're fine. In the case of an IMAP server that doesn't need Internet access and isn't the SMTP server is a perfect candidate for this one way static NAT situation.

Does that clear up the confusion?
Reply With Quote