fir3net
PPS-Firenetbanner-780.5x190-30-03-17

Brocade ADX - NAT

Within this article we will look at the two ways in which to NAT traffic.

Source NAT Pool

This examples provides the commands required to configure source NAT via the use of a pool and ACL. This allows you to source NAT a number of internal hosts behind the ADX to a single IP address.

Here we will NAT the servers 10.1.1.1 and 10.1.1.2 to the source IP address 192.168.1.100 (when traffic from these servers is sent out through the load-balancer on port tcp/80).

access-list 150 permit tcp host 10.1.1.1 any eq 80
access-list 150 permit tcp host 10.1.1.2 any eq 80

ip nat pool SNAT 192.168.1.100 192.168.1.100 netmask 255.255.255.255
ip nat inside source list 150 pool SNAT overload

int ve10
  ip nat outside

int ve20
  ip nat inside

Server NAT

Another common scenario that is required (to ensure that traffic is routed back through the ADX) when either configuring remote servers or internal load-balancing is to configure server source NAT.

This ensures that any traffic from the ADX to the real server is source NAT`d behind the egress interface of the ADX.

server real RS-10.1.1.1 10.1.1.1
  source-nat

About the Author

RDonato

R Donato

Rick Donato is the Founder and Chief Editor of Fir3net.com. He currently works as a Principal Network Security Engineer and has a keen interest in automation and the cloud.

You can find Rick on Twitter @f3lix001