Thank you for the feedback
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已动态机器翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.
Este artigo foi traduzido automaticamente.
这篇文章已经过机器翻译.放弃
Translation failed!
INAT
When a client sends a packet to a Citrix ADC appliance that is configured for Inbound Network Address Translation (INAT), the appliance translates the packet’s public destination IP address to a private destination IP address and forwards the packet to the server at that address.
The following configurations are supported:
- IPv4-IPv4 Mapping: A public IPv4 address on the Citrix ADC appliance listens to connection requests on behalf of a private IPv4 server. The Citrix ADC appliance translates the packet’s public destination IP address to the destination IP address of the server and forwards the packet to the server at that address.
- IPv4-IPv6 Mapping: A public IPv4 address on the Citrix ADC appliance listens to connection requests on behalf of a private IPv6 server. The Citrix ADC appliance creates an IPv6 request packet with the IP address of the IPv6 server as the destination IP address.
- IPv6-IPv4 Mapping: A public IPv6 address on the Citrix ADC appliance listens to connection requests on behalf of a private IPv4 server. The Citrix ADC appliance creates an IPv4 request packet with the IP address of the IPv4 server as the destination IP address.
- IPv6-IPv6 Mapping: A public IPv6 address on the Citrix ADC appliance listens to connection requests on behalf of a private IPv6 server. The Citrix ADC appliance translates the packet’s public destination IP address to the destination IP address of the server and forwards the packet to the server at that address.
When the appliance forwards a packet to a server, the source IP address assigned to the packet is determined as follows:
- If use subnet IP (USNIP) mode is enabled and use source IP (USIP) mode is disabled, the appliance uses a subnet IP address (SNIP) as the source IP address.
- If USNIP mode is disabled and USIP mode is disabled, the appliance uses a mapped IP address (MIP) as the source IP address.
- If USIP mode is enabled, and USNIP mode is disabled the appliance uses the client IP (CIP) address as the source IP address.
- If both USIP and USNIP modes are enabled, USIP mode takes precedence.
- You can also configure the Citrix ADC to use a unique IP address as the source IP address, by setting the proxyIP parameter.
- If none of the above modes are enabled and a unique IP address has not been specified, the Citrix ADC attempts to use a MIP as the source IP address.
- If both USIP and USNIP modes are enabled and a unique IP address has been specified, the order of precedence is as follows: USIP-unique IP-USNIP-MIP-Error.
To protect the Citrix ADC from DoS attacks, you can enable TCP proxy. However, if other protection mechanisms are used in your network, you may want to disable them.
Configure INAT
You can create, modify, or remove an INAT entry.
CLI procedures
To create an INAT entry by using the CLI:
At the command prompt, type the following commands to create an INAT entry and verify its configuration:
- add inat <name> <publicIP> <privateIP> [-tcpproxy ( ENABLED | DISABLED )] [-ftp ( ENABLED | DISABLED )] [-usip ( ON | OFF )] [-usnip ( ON | OFF )] [-proxyIP <ip_addr|ipv6_addr>]
- show inat [<name>]
Example:
> add inat ip4-ip4 172.16.1.2 192.168.1.1 -proxyip 10.102.29.171
Done
To modify an INAT entry by using the CLI:
To modify an INAT entry, type the **set inat **command, the name of the entry, and the parameters to be changed, with their new values.
To remove an INAT configuration by using the CLI:
At the command prompt, type:
- rm inat <name>
Example:
> rm inat ip4-ip4
Done
GUI procedures
To configure an INAT entry by using the GUI:
Navigate to System > Network > Routes > INAT, and add a new INAT entry or edit an existing INAT entry.
To remove an INAT configuration by using the GUI:
Navigate to System > Network > Routes > INAT, delete the INAT configuration.
Thank you for the feedback
Share
Share
In this article
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select Do Not Agree to exit.