4000 Router Series Layer 3 - IP Services Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

151

152

153

154

155

156

157

158

159

160

149

10.110.10.2/21 (Connections: 2)

10.110.10.3/21 (Connections: 2)

NAT logging:

Log enable : Disabled

Flow-begin : Disabled

Flow-end : Disabled

Flow-active: Disabled

NAT mapping behavior:

Mapping mode: Address and Port-Dependent

ACL : ---

NAT ALG:

DNS: Enabled

FTP: Enabled

H323: Enabled

ICMP-ERROR: Enabled

# Use the display nat session verbose command to display NAT session information generated when

external hosts access an internal FTP server.

[Router] display nat session verbose

Initiator:

Source IP/port: 202.38.1.25/53957

Destination IP/port: 202.38.1.1/21

VPN instance/VLAN ID/VLL ID: -/-/-

Protocol: TCP(6)

Responder:

Source IP/port: 10.110.10.3/21

Destination IP/port: 202.38.1.25/53957

VPN instance/VLAN ID/VLL ID: -/-/-

Protocol: TCP(6)

State: TCP_ESTABLISHED

Application: FTP

Start time: 2012-08-16 11:06:07 TTL: 26s

Interface(in) : GigabitEthernet1/2

Interface(out): GigabitEthernet1/1

Initiator->Responder: 1 packets 60 bytes

Responder->Initiator: 2 packets 120 bytes

Total sessions found: 5

NAT with DNS mapping configuration example

Network requirements

As shown in Figure 62, the internal Web server at 10.110.10.1/16 and FTP server at 10.110.10.2/16

provide services for external user. The company has three public addresses 202.38.1.1 through

202.38.1.3. The DNS server at 202.38.1.4 is on the external network.