Manualshelf

R3166-R3206-HP High-End Firewalls NAT and ALG Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
11121314151617181920
8
range from 35000 to 65535; 1 represents a higher level, and the assignable port numbers range from
1024 to 34999 for devices in stateful failover state, and from 1024 to 65535 for devices not in stateful
failover state. The default value for argument level is 1. In the asymmetric stateful failover network
scenario, configure different port assignment levels for the address pools on the two stateful failover
devices.
Description
Use the nat address-group command to configure a NAT address pool.
Use the undo nat address-group command to remove an address pool.
An address pool consists of a set of consecutive IP addresses.
Note that:
You cannot remove an address pool that has been associated with an ACL.
Different address pools must not overlap.
An address pool is not needed in the case of Easy IP where the interface’s public IP address is used
as the translated IP address.
Examples
# Configure an address pool numbered 1 that contains addresses 202.110.10.10 to 202.110.10.15.
<Sysname> system-view
[Sysname] nat address-group 1 202.110.10.10 202.110.10.15
nat dns-map
Syntax
nat dns-map domain domain-name protocol pro-type ip global-ip port global-port
undo nat dns-map domain domain-name
View
System view
Default level
2: System level
Parameters
domain domain-name: Specifies the domain name of an internal server. A domain name is a string
containing no more than 255 case-insensitive characters. It consists of several labels separated by dots
(.). Each label has no more than 63 characters that must begin and end with letters or digits; besides,
dashes (-) can be included.
protocol pro-type: Specifies the protocol type used by the internal server, tcp or udp.
ip global-ip: Specifies the public IP address used by the internal server to provide services to the external
network.
port global-port: Specifies the port number used by the internal server to provide services to the external
network. The global-port argument is in the range 1 to 65535.
Description
Use the nat dns-map command to map the domain name to the public network information of an internal
server.