Manualshelf

R3166-R3206-HP High-End Firewalls NAT and ALG Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
12345678910
i
Contents
NAT configuration ······················································································································································· 1
Overview ············································································································································································ 1
Introduction to NAT ·················································································································································· 1
NAT implementation ················································································································································ 2
Low-priority address pool ········································································································································ 5
Configuring a NAT policy in the web interface ············································································································ 5
Configuration overview ··········································································································································· 5
Creating an address pool ······································································································································· 6
Configuring dynamic NAT ······································································································································ 8
Creating a static address mapping ························································································································ 9
Enabling static NAT on an interface ··················································································································· 10
Creating an internal server ··································································································································· 11
Configuring a DNS mapping ······························································································································· 13
NAT configuration examples ······························································································································· 14
Configuring a NAT in the CLI ······································································································································· 16
NAT configuration task list ··································································································································· 16
Configuring address translation··························································································································· 17
Configuring an internal server ····························································································································· 19
Configuring DNS mapping ·································································································································· 20
Setting NAT connection limits ······························································································································ 20
Displaying and maintaining NAT ························································································································ 21
NAT configuration examples ······························································································································· 21
Troubleshooting NAT ····················································································································································· 25
Symptom 1: abnormal translation of IP addresses ···························································································· 25
Symptom 2: internal server functions abnormally ······························································································ 25
Configuration guidelines ··············································································································································· 25
Application level gateway configuration ················································································································· 26
ALG overview ································································································································································· 26
Configuring ALG in the web interface ························································································································· 28
Enabling ALG ························································································································································· 28
ALG configuration examples ········································································································································ 28
FTP ALG configuration example ·························································································································· 28
SIP/H.323 ALG configuration example ············································································································· 30
NBT ALG configuration example ························································································································· 31
Configuring ALG in the command line interface ········································································································ 33
Enabling ALG ························································································································································· 33
ALG configuration examples ································································································································ 33
Support and other resources ····································································································································· 37
Contacting HP ································································································································································ 37
Subscription service ·············································································································································· 37
Related information ························································································································································ 37
Documents ······························································································································································ 37
Websites ································································································································································· 37
Conventions ···································································································································································· 38
Index ··········································································································································································· 40