F3215-HP Load Balancing Module Network Management Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

121

122

123

124

125

126

127

128

129

130

113

Parameters

acl-number: ACL number in the range of 2000 to 3999.

protocol pro-type: Specifies a protocol type. pro-type supports TCP, UDP, and ICMP. If ICMP is specified,

do not specify port number for the internal server.

global-address: Public IP address for the internal server.

current-interface: Uses the current interface address as the external IP address for the internal server.

interface: Uses a specific interface address as the external IP address for the internal server, enabling

Easy IP.

interface-type interface-number: Specifies the interface type and interface number. Only loopback

interface is supported and must be configured. Otherwise the configuration is considered illegal.

global-port1, global-port2: Specifies a range of ports that have a one-to-one correspondence with the IP

addresses of the internal hosts. The global-port2 argument must be greater than global-port1.

local-address1, local-address2: Defines a consecutive range of addresses that have a one-to-one

correspondence with the range of ports. The local-address2 argument must be greater than

local-address1 and that the number of addresses must match that of the specified ports.

local-port: Port number provided by the internal server, in the range of 0 to 65535, excluding FTP port

number 20.

• You can use the service names to represent those well-known port numbers. For example, you can

use www to represent port number 80, ftp to represent port number 21, and so on.

• You can use the keyword any to represent port number 0, which means all types of services are

supported. This has the same effect as a static translation between the global-address and

local-address.

vpn-instance global-name: Specifies the VPN to which the advertised external network address belongs.

The global-name argument is a case-sensitive string of 1 to 31 characters. Without this option, the

advertised external IP address does not belong to any VPN.

vpn-instance local-name: Specifies the VPN to which the internal server belongs. The local-name

argument is a case-sensitive string of 1 to 31 characters. Without this parameter, the internal server does

not belong to any VPN.

track vrrp virtual-router-id: Associates the internal server with a VRRP group. The virtual-router-id

argument indicates the number of the VRRP group to be associated. Without this option specified, no

VRRP group is associated.

Usage guidelines

Using the address and port defined by the global-address and global-port parameters, external users

can access the internal server with an IP address of local-address and a port of local-port.

If one of the two arguments global-port and local-port is set to any, the other must also be any or remain

undefined.

Using this command, you can configure internal servers (such as Web, FTP, Telnet, POP3, and DNS

servers) to provide services for external users. An internal server can reside in an internal network or an

VPN.

The maximum number of internal server configuration commands that can be configured on an interface

depends on the device model. The number of internal servers that each command can define equals the

difference between global-port2 and global-port1. Up to 4096 internal servers can be configured on an

interface. The system allows up to 1024 internal server configuration commands.