4000 Router Series Layer 3 - IP Services Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

171

172

173

174

175

176

177

178

179

180

164

• If you do not specify an ACL, the source addresses of all outgoing packets and the destination

addresses of all incoming packets are translated.

• If you specify an ACL and do not specify the reversible keyword, the source addresses of outgoing

packets permitted by the ACL are translated. The destination addresses of packets originating from

external hosts to the internal are not translated.

• If you specify both an ACL and the reversible keyword, the source addresses of outgoing packets

permitted by the ACL are translated. If packets originating from external hosts to the internal are

permitted by ACL reverse matching, the destination address is translated.

Static NAT takes precedence over dynamic NAT when both are configured on an interface.

You can configure multiple outbound static NAT mappings by using the nat static outbound command

and the nat static outbound net-to-net command.

Examples

# Configure an inbound static NAT mapping between external IP address 2.2.2.2 and internal IP

address 192.168.1.1.

<Sysname> system-view

[Sysname] nat static inbound 2.2.2.2 192.168.1.1

# Configure outbound static NAT, and allow the internal user 192.168.1.1 to access the external network

segment 3.3.3.0/24 by using the external IP address 2.2.2.2.

<Sysname> system-view

[Sysname] acl number 3001

[Sysname-acl-adv-3001] rule permit ip destination 3.3.3.0 0.0.0.255

[Sysname-acl-adv-3001] quit

[Sysname] nat static outbound 192.168.1.1 2.2.2.2 acl 3001

Related commands

• display nat all

• display nat static

• nat static enable

nat static outbound net-to-net

Use nat static outbound net-to-net to configure a net-to-net outbound static NAT mapping.

Use undo nat static outbound net-to-net to remove the specified net-to-net outbound static NAT mapping.

Syntax

nat static outbound net-to-net local-start-address local-end-address [ vpn-instance local-name ] global

global-network { mask-length | mask } [ vpn-instance global-name ] [ acl acl-number [ reversible ] ]

undo nat static outbound net-to-net local-start-address local-end-address [ vpn-instance local-name ]

Default

No NAT mapping exists.

Views

System view

Predefined user roles

network-admin