Secure Mobile Access 12.4 Administration Guide

Translated Address Pools (Source NAT)

With translated address pools, the appliance assigns non-routable IP addresses to clients and uses source network address translation (Source NAT) to translate them to a single address you configure for back-end traffic. The appliance uses the name servers you specify in AMC to define the DNS and WINS settings on the client. Source NAT translates the client’s non-routable source address to a single configured address from a fixed, non-routable sequence (2.0.0.2 through 2.255.254.254) on the internal network.

Translated address pools is ideally intended for SMA deployments of less than 250 concurrent users. Using translated address pools in deployments with more than that number of concurrent users can lead to issues with connectivity and system stability.

The advantages of using translated address pools are:

  • Source NAT address pools require only a single back-end address, which is shared by all remote connections.

  • Fewer IP addresses are required for the tunnel clients.

The constraints of this type of pool are:

  • All network activity must be initiated by the client; therefore, this method of IP address allocation does not support applications that make reverse connections or cross-connections (such as SMS, VoIP, or FTP).
  • Windows domain browsing is not supported; if users try to browse a Windows domain through Network Explorer or Network Neighborhood, an error message indicates that they are not authorized to access the resources.
  • Client-to-client cross-connections are not supported.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

  • Hidden
  • Hidden

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.
  • Hidden
  • Hidden