Manualshelf

R3721-F3210-F3171-HP High-End Firewalls VPN Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
11121314151617181920
13
Description
Use aft address-group to create an AFT address pool.
Use undo aft address-group to delete a specified AFT address pool.
NOTE:
You can not delete an address pool that is referenced by a v6tov4 policy. To delete such an address
pool, you must delete the policy first.
If
start-ipv4-address
equals
end-ipv4-address
, only one address is available in the address pool.
Related commands: display aft address-group and display aft all.
Examples
# Create an AFT IPv4 address pool which contains addresses from 10.168.11.200 to 10.168.11. 210 .
<Sysname> system-view
[Sysname] aft address-group 1 10.168.11.200 10.168.11.210
aft enable
Syntax
aft enable
undo aft enable
View
Interface view
Default Level
2: System level
Parameters
None
Description
Use aft enable to enable AFT on an interface.
Use undo aft enable to disable AFT on an interface.
By default, AFT is disabled.
NOTE:
The aft enable command enables both AFT and NAT-PT. For more information about the NAT-PT
technology, see
NAT and ALG Configuration Guide
.
Avoid configuring both AFT and NAT-PT on the same device.
Related commands: display aft statistics and display aft all.
Examples
# Enable AFT on an interface.
<Sysname> system-view
[Sysname] interface GigabitEthernet 0/1
[Sysname-GigabitEthernet0/1] aft enable