Q: How does the "Add automatic address translation rules" entry in node properties work?

A:

Say you are creating a node object for your web server. You could create the object with the real, physical IP address of the webserver; then, on the NAT pane, put in the public IP address of the server and turn on "add automatic accress translation rules", with translation method "static". This will have the effect, on the "address translation" master table, of adding two rules: IPsrc=www physical, IPdst=any: translate IPsrc to static NAT address you entered and IPsrc=any, IPdst= the static NAT address: translate IPdst to www physical In the rulebase, wherever that node object is used, a match will occur and the rule will fire when the IP address matches either the physical or the NAT address. You could do the same thing manually, instead of using automatic; you would have to add two address translation rules. Also, you would have to create two node objects, one at the physical address, and one at the NAT address, if you wanted both addresses to cause a rule or rules to fire in the rulebase.