Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices NAT and ALG Command Reference-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
21222324252627282930
17
Parameters
index: Index of the internal server.
The following matrix shows the index argument and hardware compatibility, and the value range for the
argument on different firewalls and UTM devices:
Hardware Ar
g
ument com
p
atibilit
y
Value ran
g
e
F1000-A-EI/F1000-S-EI Yes 0 to 1024
F1000-E No N/A
F5000 No N/A
Firewall module No N/A
U200-A Yes 0 to 1024
U200-S Yes 0 to 256
acl-number: Number of an ACL, in the range of 2000 to 3999.
protocol pro-type: Specifies a protocol type. pro-type supports TCP, UDP, and ICMP. If ICMP is specified,
do not specify port number for the internal server.
global-address: Public IP address for the internal server.
current-interface: Uses the current interface address as the external IP address for the internal server.
interface: Uses a specific interface address as the external IP address for the internal server, enabling
Easy IP.
interface-type interface-number: Specifies the interface type and interface number. Only loopback
interface is supported and must be configured. Otherwise the configuration is considered illegal.
global-port1, global-port2: Specifies a range of ports that have a one-to-one correspondence with the IP
addresses of the internal hosts. The global-port2 argument must be greater than global-port1.
local-address1, local-address2: Defines a consecutive range of addresses that have a one-to-one
correspondence with the range of ports. The local-address2 argument must be greater than
local-address1 and that the number of addresses must match that of the specified ports.
local-port: Port number provided by the internal server, in the range of 0 to 65535, excluding FTP port
number 20.
You can use the service names to represent those well-known port numbers. For example, you can
use www to represent port number 80, ftp to represent port number 21, and so on.
You can use the keyword any to represent port number 0, which means all types of services are
supported. This has the same effect as a static translation between the global-address and
local-address.
global-port: Global port number for the internal server, in the range of 0 to 65535.
local-address: Internal IP address of the internal server.
vpn-instance global-name: Specifies the VPN to which the advertised external network address belongs.
The global-name argument is a case-sensitive string of 1 to 31 characters. Without this option, the
advertised external IP address does not belong to any VPN.
vpn-instance local-name: Specifies the VPN to which the internal server belongs. The local-name
argument is a case-sensitive string of 1 to 31 characters. Without this parameter, the internal server does
not belong to any VPN.