R3303-HP 6600/HSR6600 Routers Layer 3 - IP Services Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR6602-XG Router

141

142

143

144

145

146

147

148

149

150

132

• You can use service names to represent well-known port numbers. For example, you can use www

to represent port number 80, ftp to represent port number 21, and so on.

• You can use the keyword any to represent port number 0, which means all types of services are

supported. This has the same effect as a static translation between the global-address and

host-address.

vpn-instance global-name: Specifies the MPLS L3VPN to which the advertised external IP address

belongs. The global-name argument is a case-sensitive string of 1 to 31 characters. Without this option,

the advertised external IP address does not belong to any VPN.

inside server-group group-number: Internal server group to which the internal server belongs. The

group-number argument specifies the internal server group number in the range of 0 to 31.

vpn-instance local-name: Specifies the MPLS L3VPN to which the internal server belongs. The local-name

argument is a case-sensitive string of 1 to 31 characters. Without this option, the internal server does not

belong to any VPN.

Usage guidelines

Using this command, you can configure internal servers (such as Web, FTP, Telnet, POP3, and DNS

servers) to provide services for external users.

An internal server can reside in an internal network or an MPLS VPN. This command supports inter-VPN

access through NAT.

The number of load sharing internal servers supported on an interface and the number of internal servers

supported by the system depends on the device model.

In general, this command is configured on an interface that serves as the egress of an internal network

and connects to the ISP.

Examples

# Allow external users to access the internal Web server 10.110.10.10 on the LAN through

http://202.110.10.10:8080. Assume that interface Serial 2/1/0 is connected to the external network.

<Sysname> system-view

[Sysname] nat server-group 1

[Sysname-nat-server-group-1] inside ip 10.110.10.10 port 30

[Sysname-nat-server-group-1] quit

[Sysname] interface serial 2/1/0

[Sysname-Serial2/1/0] nat server protocol tcp global 202.110.10.10 8080 vpn vrf10 inside

server-group 1

Related commands

• nat server-group

• display nat server

nat server (for normal NAT server)

Use nat server to configure a load sharing internal server.

Use undo nat server to remove the configuration.