F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices NAT and ALG Configuration Guide-6PW100
Table Of Contents
- Title Page
- Table of Contents
- Configuring NAT
- Overview
- Configuration guidelines
- Configuring NAT in the Web interface
- Recommended configuration procedure
- Creating an address pool
- Configuring dynamic NAT on an interface
- Creating a static address mapping
- Enabling static NAT on an interface
- Configuring an internal server
- Configuring ACL-based NAT on the internal server
- Configuring DNS mapping
- NAT configuration example
- Internal server configuration example
- Configuring NAT at the CLI
- NAT configuration task list
- Configuring static NAT
- Configuring dynamic NAT
- Configuring an internal server
- Configuring ACL-based NAT on an internal server
- Configuring DNS mapping
- Displaying and maintaining NAT
- One-to-one static NAT configuration example
- Dynamic NAT configuration example
- Common internal server configuration example
- NAT DNS mapping configuration example
- Troubleshooting NAT
- Configuring NAT-PT
- Feature and hardware compatibility
- Overview
- NAT-PT configuration task list
- Configuration prerequisites
- Enabling NAT-PT
- Configuring a NAT-PT prefix
- Configuring IPv4/IPv6 address mappings on the IPv6 side
- Configuring IPv4/IPv6 address mappings on the IPv4 side
- Setting the ToS field after NAT-PT translation
- Setting the traffic class field after NAT-PT translation
- Configuring static NAPT-PT mappings of IPv6 servers
- Displaying and maintaining NAT-PT
- NAT-PT configuration examples
- Troubleshooting NAT-PT
- NAT444
- Configuring ALG
- Support and other resources
- Index
51
32B
Configuring NAT444 logging
NAT444 sends the following logs to the log server when an internal user access the Internet through
NAT444:
• NAT444 user log
• NAT444 session establishment log
• NAT444 session removal log
NAT444 logs support two formats: china-telecom and china-unicom-nat444. You can configure the two
formats by executing the info-center format command. For more information about NAT444 log formats
and NAT444 logging configurations, see System Management and Maintenance Configuration Guide
and System Management and Maintenance Command Reference.
To configure NAT444 logging:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enable NAT444
logging.
nat444 log { user | session-start | session-end }
By default, NAT444 logging
is disabled.
33B
Displaying and maintaining NAT444
Task Command
Remarks
Display NAT444 static IP-port
mappings.
display nat444 static-ip-port-block Available in any view.
Display NAT444 dynamic IP-port
mappings.
display nat444 dynamic-ip-port-block Available in any view.
34B
NAT444 configuration examples
90BNetwork requirements
NAT444 gateways can be designed in a MAN with BRASs or core routers (CRs) through bypass mode
to interconnect an IPv4 network with an IPv6 network.
• Bypass BRAS