Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices NAT and ALG Command Reference-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
41424344454647484950
37
Field Descri
p
tion
Global-IP External IP address for the internal user.
Port-block Port block for the internal user, including the start port and the end port.
Connections Connections established by using the specified port block.
Local-VPN
VPN to which the internal IP address belongs. Three hyphens (---) indicates
that the address does not belongs to any VPN.
Related commands
nat444 static local
nat444 static
Use nat444 static local to create a static IP-port block mapping.
Use undo nat444 static local to remove the static IP-port block mapping.
Syntax
nat444 static local local-start-address local-end-address [ vpn-instance local-name ] global
global-start-address global-end-address port-range port-range-start port-range-end block-size block-size
undo nat444 static local local-start-address local-end-address [ vpn-instance local-name ]
Views
System view, interface view
Parameters
local-start-address local-end-address: Internal IP addresses. The local-end-address must be no lower than
the local-start-address.
vpn-instance local-name: Specifies the VPN to which the internal IP address belongs. The local-name
argument is a case-sensitive string of 1 to 31 characters. If you do not specifies this option, the internal
IP address does not belong to any VPN.
global-start-address global-end-address: External IP addresses. The global-end-address must be no lower
than the global-start-address.
port-range-start port-range-end: Port range for external IP addresses. The port-range-start argument
specifies the start port, and the port-range-end argument specifies the end port that must be no lower than
the start port.
block-size: Port block size. If the value for the port block size exceeds the one for the port range that
equals port-range-end – port-range-start + 1, the system changes the value for the port block size to the
one for the port range.
Usage guidelines
This command assigns a static IP port block for each internal user by using the algorithm specified by
China Telecom NAT444 Specification. NAT uses the assigned static IP port block to perform the
translation for connections from internal to external.
NAT444 static IP-port mappings configured in interface view takes effect only on the interrface, and the
ones configured in system view takes effect globally.
NAT444 static IP-port mappings configured in interface view takes priority over the ones configured in
system view.