NetVanta 2000 Series System Manual
Section 4, User Interface Guide
61200361L1-1E
© 2002 ADTRAN, Inc.
61
> P
OLICIES
> A
CCESS
P
OLICIES
: T
O
DMZ > C
ONFIGURATION
> NAT N
AME
The
NAT N
AME
drop down menu lists all entries from the NAT table. To manually define the NAT out pool
address here, select
O
THER
and enter the out pool IP address in the text boxes below the drop down menu.
Enabling NAT on a To DMZ inbound policy applies a Reverse NAT filtering scheme to incoming traffic
received on this policy by the NetVanta 2000 series.
> P
OLICIES
> A
CCESS
P
OLICIES
: T
O
DMZ > C
ONFIGURATION
> S
ECURITY
Since access policy and VPN policy selectors are created separately and act independently, the
S
ECURITY
radio button configures the NetVanta 2000 series to check for the existence of a VPN policy for all the
network traffic governed by this access policy. If any traffic that would pass this access policy would be
sent in the clear, that is, not over an already defined VPN policy, an error will be generated to notify the
user.
Changing the Priority of a Policy
You can change the access policy priority by two ways: You can do simple priority corrections by using the
up (-) and down (¯) buttons, which are located at the end columns of each policy in the access policy table.
Clicking the up or down button increases or decreases the priority of the access policy with respect to its
neighboring policies.
Alternative way can be used for major priority corrections. Select the policy whose priority you want to
change by entering its Rule ID in the text box located after
P
LACE
R
ULE
tab. This is located at the end of
the policy table.
Then use the
B
EFORE
/A
FTER
radio button in combination with Rule ID text box following this radio button
to decide the new place in the table for this policy, and click the
I
NSERT
button.
The policy will be moved to the new place in the table.
Checking Policy Statistics
Select the policy whose statistics you want to check from the access policy table and click the
L
OG
button.
This will display the policy statistics page.
Not selecting the
S
ECURITY
option may allow insecure data transmission through the
NetVanta 2000 series.
If insecure data transmission is allowed because a VPN policy is removed after the
S
ECURITY
option has been performed on an access policy, no user notification will be
given. To ensure data security, verify each access policy after VPN changes are made.