Configure Network Address Translation

To NAT or not to NAT, that is the question you’ll need to answer before you can be done configuring network settings for Okyo. When you enable NAT (Network Address Translation) Prisma Access automatically allocates IP addresses from the RFC 6598-compliant (shared) 100.64.0.0/10 range to devices connecting through Okyo Garde. Prisma Access maps the network address of device traffic to an IP address from the Infrastructure subnet before sending it to your corporate network using a process called Network Address Translation (NAT).
You can, however, prevent automatic IP allocation and NAT by not enabling NAT and configuring a custom client IP pool. You must make your choice to enable NAT or not enable NAT and configure a custom IP pool before you can push your Network Settings to the cloud. Also,
after you push your NAT configuration, you won’t be able to change it later. So, be careful!
Follow these steps to configure network address translation:
  1. Select
    Okyo Garde
    Network Settings
    from the sidebar.
  2. Go to the
    Network Address Translation
    panel and select .
  3. Choose one of these options.
    1. Enable NAT
      - Prisma Access automatically maps the network address of device traffic to an IP from the Infrastructure subnet before sending it to your corporate network.
    2. Disable NAT and Configure a Custom Client Pool
      - You provide a custom client IP pool network address. You’ll enter a valid client IP pool network address, and then choose a subnet mask bit value from 2 to 27. The smaller the mask bit value, the more Okyo Garde devices your IP pool can support. In any case, a single Okyo Garde device can support up to 27 corporate-network-connected clients each.
  4. Save
    your settings.
    When configuring your own custom client pool, proper sizing is a major consideration. Your client should be able to accommodate not only your current devices but also your future devices.

Recommended For You