4000 Router Series Layer 3 - IP Services Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

121

122

123

124

125

126

127

128

129

130

119

Configuring inbound one-to-one static NAT

Configure inbound one-to-one static NAT for address translation between a private IP address and a

public IP address.

• When the source IP address of a packet from the public network to the private network matches the

global-ip, the IP address is translated to the local-ip.

• When the destination IP address of a packet from the private matches the local-ip, the source IP

address is translated to the global-ip.

To configure inbound one-to-one static NAT:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Configure a one-to-one

mapping for inbound static

NAT.

nat static inbound global-ip

[ vpn-instance global-name ]

local-ip [ vpn-instance local-name ]

[ acl acl-number [ reversible ] ]

By default, no mappings exist.

If you specify the acl keyword, Nat

processes only packets matching

the permit statement in the ACL.

3. Return to system view.

quit N/A

4. Enter interface view.

interface interface-type

interface-number

N/A

5. Enable static NAT on the

interface.

nat static enable By default, static NAT is disabled.

Configuring inbound net-to-net static NAT

Configure inbound net-to-net static NAT for translation between a private network and a public network.

• When the source IP address of a packet from the public network matches the external NAT address

pool, the source IP address is translated into a private address in the internal NAT address pool.

• When the destination IP address of a packet from the private network matches the internal NAT

address pool, the destination IP address is translated into a public address in the external NAT

address pool.

To configure inbound net-to-net static NAT:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Configure a net-to-net

mapping for inbound static

NAT.

nat static inbound net-to-net

global-start-address

global-end-address [ vpn-instance

global -name ] local local-network

{ mask-length | mask }

[ vpn-instance local-name ] [ acl

acl-number [ reversible ] ]

By default, no mappings exist.

If you specify the acl keyword,

NAT processes only packets

matching the permit statement in

the ACL.

3. Return to system view.

quit N/A

4. Enter interface view.

interface interface-type

interface-number

N/A