R3204P16-HP Load Balancing Module Network Management Configuration Guide-6PW101
Table Of Contents
- Title page
- Contents
- Interface management configuration
- IP addressing configuration
- MAC address table configuration
- Layer 2 forwarding configuration
- Layer 2 forwarding overview
- Configuring general Layer 2 forwarding
- Configuring inline Layer 2 forwarding
- Configuring inter-VLAN Layer 2 forwarding
- Forward-type inline Layer 2 forwarding configuration example
- Blackhole-type inline Layer 2 forwarding configuration example
- Inter-VLAN Layer 2 forwarding configuration example
- VLAN configuration
- ARP configuration
- Gratuitous ARP configuration
- Proxy ARP configuration
- Layer 3 forwarding configuration
- NAT configuration
- Overview
- Configuring a NAT policy in the web interface
- Configuring NAT in the CLIs
- Configuration guidelines
- ALG configuration
- Static route configuration
- RIP configuration
- OSPF configuration
- BGP configuration
- Policy-based routing configuration
- Route displaying
- DNS configuration
- Overview
- Configuring DNS on the web interface
- Configuring DNS in the CLIs
- Troubleshooting IPv4 DNS configuration
- Support and other resources
- Index
106
Troubleshooting NAT
Symptom 1: abnormal translation of IP addresses
Solution: Enable debugging for NAT. Try to locate the problem based on the debugging display. Use
other commands, if necessary, to further identify the problem. Pay special attention to the source address
after the address translation and ensure that this address is the address that you intend to change to. If
not, there may be an address pool bug. Also ensure a route is available between the destination network
and the address pool segment. Be aware of the possible effects that the firewall or the ACLs have to NAT,
and also note the route configurations.
Symptom 2: internal server functions abnormally
Solution: Check whether the internal server host is properly configured; whether LB module is correctly
configured with respect to the internal server parameters, such as the internal server IP address. It is also
possible that the firewall that has denied external access to the internal network. You can use the display
acl command to verify this.
Configuration guidelines
When configuring address pools, note the following:
1. Low-priority address pools cannot include addresses in non low-priority address pools, external IP
addresses for one-to-one NAT, and public addresses of internal servers.
2. When configuring NAT on a LB module, note the following limitations.
• The rules of an ACL applied on an interface cannot conflict with one another. If the source and
destination IP addresses and VPN instance of two ACL rules are the same, a conflict occurs. For a
basic ACL (with a number from 2000 to 2999), if the source IP address and VPN instance of two
ACL rules are the same, a conflict occurs.
• One address pool can only be configured on one VLAN interface.
3. If 6(TCP) or 17(UDP) is not selected as the protocol type when configuring an internal server, you
can only configure the mapping between Internal IP and Global IP. The Internal Port and Global
Port options are not available.
4. The address pool, dynamic NAT, static NAT, and internal server configurations can be modified
through Web pages. Note that the modification you make takes effect after the former
configuration is removed by the system.