4000 Router Series Layer 3 - IP Services Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP MSR2003 AC Router

151

152

153

154

155

156

157

158

159

160

149

# Configure an inbound NO-PAT rule on interface Ethernet 1/1 to translate the source addresses of

incoming packets into the addresses in address group 1, and automatically add a route for translated

packets.

[Sysname] interface ethernet 1/1

[Sysname-Ethernet1/1] nat inbound 2001 address-group 1 vpn-instance vpn10 no-pat add-route

Related commands

• display nat all

• display nat inbound

• display nat no-pat

nat log enable

Use nat log enable to enable the NAT logging function.

Use undo nat log enable to disable NAT logging.

Syntax

nat log enable [ acl acl-number ]

undo nat log enable

Default

The NAT logging function is disabled.

Views

System view

Predefined user roles

network-admin

Parameters

acl acl-number: Specifies an ACL number in the range of 2000 to 3999. If an ACL is specified, this

command logs NAT flows that match the permit statements in the ACL. If no ACL is specified, this

command logs all NATed data flows.

Usage guidelines

NAT logging records NAT session information, such as IP address and port number translation, user

access, and network flows.

A NAT device generates NAT logs when one of the following occurs:

• A NAT session is established.

• A NAT session is removed when you add configurations with higher priority, remove configurations,

change ACLs, or when a NAT session ages out or a NAT session is deleted.

• Active NAT flows exist. When the interval for logging an active NAT session is reached, the NAT

session is logged.

Examples

# Enable NAT logging.

<Sysname> system-view

[Sysname] nat log enable