When
the ISA Gateway is deployed, the ISA Gateway Agent performs network address
translation (NAT) to translate the source IP address of incoming traffic from
the outside to the IP address of its physical interface, such as eth0, enp0s3,
before forwarding the packet to the destination. The agent uses IP Masquerading to perform NAT and is
implemented using the following command in the Gateway Agent script:
iptables -t nat -A
POSTROUTING -o $intf -j MASQUERADE
The
command is executed by running the script during installation of the agent and
when the Gateway is restarted. This command will translate the source IP
address of traffic coming from the outside, invariably from the ISA Controller,
to the IP address of the physical adapter and then is forwarded to the
destination, which is invariably a corporate resource.
However, there are instances
when the source IP address must remain unchanged, for example, for VoIP
traffic. In such cases, NAT should be disabled. To disable NAT, enter the
following command:
iptables -t nat -F
This command will forward
traffic to its destination without changing the source IP address. Appropriate
routes must be configured for the return traffic.
Related Articles
Configuring NAT on the ISA Gateway (Windows Server)
This article describes the step-by-step method to configure NAT on a Windows Server One of the prerequisites for deploying the ISA Gateway Agent in a Windows Server is to add the Routing and Remote Access Server (RRAS) role. The RRAS role allows the ...
Uninstalling the ISA Gateway Agent from Linux
This KB article describes the method to uninstall the ISA Gateway Agent software from the Linux operating system. In certain circumstances, the ISA Gateway Agent, due to various reasons, may need to be changed. Before installing the Agent on a new ...
Installing the ISA Gateway Agent on Linux
InstaSafe Secure Access (ISA) Gateway Agent is a software that acts as the entry and exit point for user access. Gateways are deployed at the edge of a private network, and are used to connect remote clients or networks to the private network. It is ...
ISA App Log File
The ISA App, once successfully installed and configured, generates Connection Logs that could be extremely helpful in troubleshooting issues that may crop up. Depending on the device OS, the Log File location is as follows: Locating the ISA App Log ...
Install the ISA App on Linux (CLI)
Prerequisites for Installation (Users): 1. The User must have sudo access to the system in order to install the ISA App 2. During installation, the system should have access to the InstaSafe libraries and Linux repositories/mirrors so that the ...