F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices NAT and ALG Configuration Guide-6PW100
Table Of Contents
- Title Page
- Table of Contents
- Configuring NAT
- Overview
- Configuration guidelines
- Configuring NAT in the Web interface
- Recommended configuration procedure
- Creating an address pool
- Configuring dynamic NAT on an interface
- Creating a static address mapping
- Enabling static NAT on an interface
- Configuring an internal server
- Configuring ACL-based NAT on the internal server
- Configuring DNS mapping
- NAT configuration example
- Internal server configuration example
- Configuring NAT at the CLI
- NAT configuration task list
- Configuring static NAT
- Configuring dynamic NAT
- Configuring an internal server
- Configuring ACL-based NAT on an internal server
- Configuring DNS mapping
- Displaying and maintaining NAT
- One-to-one static NAT configuration example
- Dynamic NAT configuration example
- Common internal server configuration example
- NAT DNS mapping configuration example
- Troubleshooting NAT
- Configuring NAT-PT
- Feature and hardware compatibility
- Overview
- NAT-PT configuration task list
- Configuration prerequisites
- Enabling NAT-PT
- Configuring a NAT-PT prefix
- Configuring IPv4/IPv6 address mappings on the IPv6 side
- Configuring IPv4/IPv6 address mappings on the IPv4 side
- Setting the ToS field after NAT-PT translation
- Setting the traffic class field after NAT-PT translation
- Configuring static NAPT-PT mappings of IPv6 servers
- Displaying and maintaining NAT-PT
- NAT-PT configuration examples
- Troubleshooting NAT-PT
- NAT444
- Configuring ALG
- Support and other resources
- Index
53
91BConfiguration procedure
This configuration example is only for the NAT444 device. For configurations about other network
devices, see the descriptions about the related features.
• Configure a static NAT444 IP-port mapping:
# Configure a static NAT444 IP-port mapping.
<Sysname> system-view
[Sysname] nat444 static local 192.168.1.1 192.168.1.100 global 201.1.1.1 201.1.1.10
port-range 10001 20000 block-size 1000
# Enable static NAT444 on the outbound interface to make the IP-port mapping take effect.
[Sysname] interface ten-gigabitethernet0/0.1002
[Sysname-Ten-GigabitEthernet0/0.1002] nat444 outbound static
[Sysname-Ten-GigabitEthernet0/0.1002] quit
# Enable NAT444 logging.
[Sysname] nat444 log user
[Sysname] nat444 log session-start
[Sysname] quit
# Display static NAT444 IP-port mappings.
<Sysname> display nat444 static-ip-port-block
NAT ip-port-assign table:
Local-ip <-> Global-ip : (Port1 - Port2 )
192.168.1.1 <-> 201.1.1.1 : (10001 - 11000 )
192.168.1.2 <-> 201.1.1.1 : (11001 - 12000 )
192.168.1.3 <-> 201.1.1.1 : (12001 - 13000 )
192.168.1.4 <-> 201.1.1.1 : (13001 - 14000 )
192.168.1.5 <-> 201.1.1.1 : (14001 - 15000 )
192.168.1.6 <-> 201.1.1.1 : (15001 - 16000 )
192.168.1.7 <-> 201.1.1.1 : (16001 - 17000 )
192.168.1.8 <-> 201.1.1.1 : (17001 - 18000 )
192.168.1.9 <-> 201.1.1.1 : (18001 - 19000 )
192.168.1.10 <-> 201.1.1.1 : (19001 - 20000 )
192.168.1.11 <-> 201.1.1.2 : (10001 - 11000 )
192.168.1.12 <-> 201.1.1.2 : (11001 - 12000 )
192.168.1.13 <-> 201.1.1.2 : (12001 - 13000 )
192.168.1.14 <-> 201.1.1.2 : (13001 - 14000 )
192.168.1.15 <-> 201.1.1.2 : (14001 - 15000 )
192.168.1.16 <-> 201.1.1.2 : (15001 - 16000 )
192.168.1.17 <-> 201.1.1.2 : (16001 - 17000 )
192.168.1.18 <-> 201.1.1.2 : (17001 - 18000 )
192.168.1.88 <-> 201.1.1.9 : (17001 - 18000 )
192.168.1.89 <-> 201.1.1.9 : (18001 - 19000 )
192.168.1.90 <-> 201.1.1.9 : (19001 - 20000 )
192.168.1.91 <-> 201.1.1.10 : (10001 - 11000 )
192.168.1.92 <-> 201.1.1.10 : (11001 - 12000 )
192.168.1.93 <-> 201.1.1.10 : (12001 - 13000 )
192.168.1.94 <-> 201.1.1.10 : (13001 - 14000 )