Manualshelf

R3166-R3206-HP High-End Firewalls NAT and ALG Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
31323334353637383940
35
Figure 25 Network diagram for SIP ALG configuration
2. Configuration procedure
# Configure the address pool and ACL.
<Firewall> system-view
[Firewall] nat address-group 1 5.5.5.9 5.5.5.11
[Firewall] acl number 2001
[Firewall-acl-basic-2001] rule permit source 192.168.1.0 0.0.0.255
[Firewall-acl-basic-2001] rule deny
[Firewall-acl-basic-2001] quit
# Enable ALG for SIP.
[Firewall] alg sip
# Configure NAT.
[Firewall] interface ethernet 1/2
[Firewall-Ethernet1/2] nat outbound 2001 address-group 1
NBT ALG configuration example
1. Network requirements
As shown in Figure 23, a c
ompany accesses the Internet through a firewall with NAT and ALG enabled.
The company provides NBT services to the outside. The inside network segment of the company is
192.168.1.0/24. Configure NAT and ALG to meet the following requirements:
Host B can access the WINS server and Host A with host names.
Host A uses 5.5.5.9 as its external IP address, and the WINS server uses 5.5.5.10 as its external IP
address.
Figure 26 Network diagram for NBT ALG configuration
2. Configuration procedure
# Configure a static NAT entry.
<Firewall> system-view