R3166-R3206-HP High-End Firewalls NAT and ALG Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

Figure 18 Network diagram for NAT DNS mapping

2. Configuration procedure

# As shown in Figure 18, conf

igure the IP addresses for the interfaces (omitted).

# Enter the view of interface GigabitEthernet 0/2.

<Firewall> system-view

[Firewall] interface gigabitethernet 0/2

# Configure the internal web server.

[Firewall-GigabitEthernet0/2] nat server protocol tcp global 202.38.1.2 inside

10.110.10.1 www

# Configure the internal FTP server.

[Firewall-GigabitEthernet0/2] nat server protocol tcp global 202.38.1.2 inside

10.110.10.2 ftp

[Firewall-GigabitEthernet0/2] quit

# Configure two DNS mapping entries: map the domain name www.server.com of the web server to

202.38.1.2, and ftp.server.com of the FTP server to 202.38.1.2.

[Firewall] nat dns-map domain www.server.com protocol tcp ip 202.38.1.2 port www

[Firewall] nat dns-map domain ftp.server.com protocol tcp ip 202.38.1.2 port ftp

[Firewall] quit

3. Verification

# After completing the configurations, display the DNS mapping configuration information.

<Firewall> display nat dns-map

NAT DNS mapping information:

There are currently 2 NAT DNS mapping(s)

Domain-name: www.server.com

Global-IP : 202.38.1.2

Global-port: 80(www)

Protocol : 6(TCP)

Domain-name: ftp.server.com

Global-IP : 202.38.1.2

Global-port: 21(ftp)

Protocol : 6(TCP)

Host A and Host B can use the domain name www.server.com to access the web server, and use

ftp.server.com to access the FTP server.

FTP server

10.110.10.2/16

Host A

10.110.10.3/16

Internet

GE0/1

10.110.10.10/16

GE0/2

202.38.1.1/24

Web server

10.110.10.1/16

DNS server

202.38.1.4/24

Host B

202.38.1.10/24

Firewall