F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices NAT and ALG Configuration Guide-6PW100
Table Of Contents
- Title Page
- Table of Contents
- Configuring NAT
- Overview
- Configuration guidelines
- Configuring NAT in the Web interface
- Recommended configuration procedure
- Creating an address pool
- Configuring dynamic NAT on an interface
- Creating a static address mapping
- Enabling static NAT on an interface
- Configuring an internal server
- Configuring ACL-based NAT on the internal server
- Configuring DNS mapping
- NAT configuration example
- Internal server configuration example
- Configuring NAT at the CLI
- NAT configuration task list
- Configuring static NAT
- Configuring dynamic NAT
- Configuring an internal server
- Configuring ACL-based NAT on an internal server
- Configuring DNS mapping
- Displaying and maintaining NAT
- One-to-one static NAT configuration example
- Dynamic NAT configuration example
- Common internal server configuration example
- NAT DNS mapping configuration example
- Troubleshooting NAT
- Configuring NAT-PT
- Feature and hardware compatibility
- Overview
- NAT-PT configuration task list
- Configuration prerequisites
- Enabling NAT-PT
- Configuring a NAT-PT prefix
- Configuring IPv4/IPv6 address mappings on the IPv6 side
- Configuring IPv4/IPv6 address mappings on the IPv4 side
- Setting the ToS field after NAT-PT translation
- Setting the traffic class field after NAT-PT translation
- Configuring static NAPT-PT mappings of IPv6 servers
- Displaying and maintaining NAT-PT
- NAT-PT configuration examples
- Troubleshooting NAT-PT
- NAT444
- Configuring ALG
- Support and other resources
- Index
29
Ste
p
Command
1. Enter system view. system-view
2. Enter interface view.
interface interface-type interface-number
3. Configure an internal server based on
ACL.
nat server protocol pro-type global acl-number inside
local-address [ local-port ] [ vpn-instance local-name ]
60BConfiguring DNS mapping
With DNS mapping, an internal host can access an internal server on the same private network by using
the domain name of the internal server when the DNS server resides on the public network.
To configure a DNS mapping:
Ste
p
Command
1. Enter system view.
system-view
2. Configure a DNS mapping.
nat dns-map domain domain-name protocol pro-type ip global-ip
port global-port
61BDisplaying and maintaining NAT
Task Command
Remarks
Display information about NAT
address pools.
display nat address-group [ group-number ]
[ | { begin | exclude | include }
regular-expression ]
Available in any view.
Display all NAT configuration
information.
display nat all [ | { begin | exclude |
include } regular-expression ]
Available in any view.
Display NAT configuration
information.
display nat bound [ | { begin | exclude |
include } regular-expression ]
Available in any view.
Display DNS mapping
configuration information.
display nat dns-map [ | { begin | exclude |
include } regular-expression ]
Available in any view.
Display the internal server
information.
display nat server [ | { begin | exclude |
include } regular-expression ]
Available in any view.
Display static NAT information.
display nat static [ | { begin | exclude |
include } regular-expression ]
Available in any view.
Display NAT statistics.
display nat statistics [ | { begin | exclude |
include } regular-expression ]
Available in any view.
62BOne-to-one static NAT configuration example
127BNetwork requirements
An internal host 10.110.10.8/24 uses public address 202.38.1.100 to access the Internet.