Manualshelf

R3166-R3206-HP High-End Firewalls NAT and ALG Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
21222324252627282930
23
Figure 17 Network diagram for common internal server configuration
2. Configuration procedure
# As shown in Figure 17, conf
igure the IP addresses for the interfaces (omitted).
# Enter interface GigabitEthernet 0/2 view.
<Firewall> system-view
[Firewall] interface gigabitethernet 0/2
# Configure the internal FTP server.
[Firewall-GigabitEthernet0/2] nat server protocol tcp global 202.38.1.1 21 inside
10.110.10.3 ftp
# Configure the internal web server 1.
[Firewall-GigabitEthernet0/2] nat server protocol tcp global 202.38.1.1 80 inside
10.110.10.1 www
# Configure the internal web server 2.
[Firewall-GigabitEthernet0/2] nat server protocol tcp global 202.38.1.1 8080 inside
10.110.10.2 www
# Configure the internal SMTP server.
[Firewall-GigabitEthernet0/2] nat server protocol tcp global 202.38.1.1 smtp inside
10.110.10.4 smtp
[Firewall-GigabitEthernet0/2] quit
NAT DNS mapping configuration example
1. Network requirements
As shown in Figure 18, a c
ompany provides Web and FTP services to external users, and uses internal IP
network segment 10.110.0.0/16. The IP addresses of the Web and FTP servers are 10.110.10.1/16 and
10.110.10.2/16 respectively. The company has three public addresses 202.38.1.1/24 through
202.38.1.3/24. The DNS server is at 202.38.1.4/24.
The public IP address 202.38.1.2 is used to provide services to external users.
External users can use the public address or domain name of internal servers to access them.
Internal users can access the internal servers by using their domain names.
FTP server
10.110.10.3/16
Web server 1
10.110.10.1/16
Web server 2
10.110.10.2/16
SMTP server
10.110.10.4/16
Host
Internet
GE0/1
10.110.10.10/16
GE0/2
202.38.1.1/24
Firewall