R3166-R3206-HP High-End Firewalls NAT and ALG Configuration Guide-6PW101
13
Item Descri
p
tion
Internal IP
Specify the internal IP address(es) for the internal server.
• Single box: Used to specify an internal IP address when 6(TCP) or
17(UDP) is not selected for the protocol type or you specify a single
global port.
• Double boxes: Used to specify a range of internal IP addresses each
of which has a one-to-one correspondence with a port in the specified
range. The IP address in the right box must be higher than that in the
left box, and the number of addresses must be identical to the number
of specified global ports.
Internal Port
Specify the internal port number of the internal server.
This option is available when 6(TCP) or 17(UDP) is selected for the
protocol type. If you type 0 in the text box, all types of services are
provided. This configuration indicates a static connection between
internal addresses and external addresses.
Enable track to VRRP
Configure whether to associate the internal server on an interface with a
VRRP group, and specify the VRRP group to be associated if you
associate the internal server on an interface with a VRRP group.
When two network devices deliver both stateful failover and dynamic
NAT,
• Make sure the public address of an internal server on an interface is
associated with one VRRP group only; otherwise, the system
associates the public address with the VRRP group having the highest
group ID.
• To ensure normal switchovers between the two devices, you need to
add devices to the same VRRP group, and associate dynamic NAT
with the VRRP group.
VRRP Group
Return to Internal server configuration task list.
Configuring a DNS mapping
Select Firewall > NAT Policy > Internal Server from the navigation tree to enter the page shown in Figure
10. In the DNS-MAP field where all DNS mappings are displayed, click Add to enter the Add DNS-MAP
page shown in Figure 12.
Figure 12 Add DNS-MAP page