Print Download PDF Send Feedback

Previous

Next

Working with NAT and Clusters

Cluster Fold and Cluster Hide

Network Address Translation (NAT) is a fundamental aspect of the way ClusterXL works.

Configuring NAT on the Cluster

Network Address Translation (NAT) can be performed on a Cluster, in the same way as it is performed on a Security Gateway. This NAT is in addition to the automatic "Cluster Fold" and "Cluster Hide" address translations.

To configure NAT, edit the Cluster object, and in the Cluster Properties window, click the NAT page. Do NOT configure the NAT tab of the Cluster Member object.

Configuring NAT on a Cluster Member

It is possible to perform Network Address Translation (NAT) on a non-cluster interface of a Cluster Member.

A possible scenario for this is if the non-Cluster interface of the Cluster Member is connected to another (non-cluster) internal Security Gateway, and you wish to hide the address of the non-Cluster interface of the Cluster Member.

Performing this NAT means that when a packet originates behind or on the non-Cluster interface of the Cluster Member, and is sent to a host on the other side of the internal Security Gateway, the source address of the packet will be translated.

To configure NAT on a non-cluster interface of a Cluster Member:

  1. Edit the Cluster object.
  2. In the Cluster Member page of the Cluster Properties window, edit the Cluster Member object.
  3. In the Cluster Member Properties window, click the NAT tab.
  4. Configure Static or Hide NAT as desired.