R0106-HP MSR Router Series Layer 3 - IP Services Command Reference(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

191

192

193

194

195

196

197

198

199

200

179

reversible: Translates the destination address of a packet that originates from internal hosts to the

external host if the packet is permitted by ACL reverse matching.

Usage guidelines

You can specify an external network through a start address and an end address, and an internal

network through an external address and a mask.

An external end address cannot be greater than the greatest IP address in the network segment

determined by an external start address and an internal network mask. For example, if an internal

address is 2.2.2.0 with a mask 255.255.255.0 and the external start address is 1.1.1.100, the external

end address cannot be greater than 1.1.1.255, the greatest IP address in the network segment 1.1.1.0/24.

When the source IP address of an incoming packet matches the external address pool, the source IP

address is translated into a private address in the internal address pool. When the destination IP address

of a packet from the private network matches the internal address pool, the destination IP address is

translated into a public address in the external address pool.

• If you do not specify an ACL, the source addresses of all incoming packets and the destination

addresses of all outgoing packets are translated.

• If you specify an ACL and do not specify the reversible keyword, the source addresses of incoming

packets permitted by the ACL are translated. The destination addresses of packets originating from

internal hosts to the external are not translated.

• If you specify both an ACL and the reversible keyword, the source addresses of incoming packets

permitted by the ACL are translated. If packets originating from internal hosts to the external are

permitted by ACL reverse matching, the destination address is translated.

Static NAT takes precedence over dynamic NAT when both are configured on an interface.

You can configure multiple inbound static NAT mappings by using the nat static inbound command and

the nat static inbound net-to-net command.

Examples

# Configure an inbound static NAT between external network address 202.100.1.0/24 and internal

network address 192.168.1.0/24.

<Sysname> system-view

[Sysname] nat static inbound net-to-net 202.100.1.1 202.100.1.255 local 192.168.1.0 24

Related commands

• display nat all

• display nat static

• nat static enable

nat static outbound

Use nat static outbound to configure a one-to-one mapping for outbound static NAT.

Use undo nat static outbound to remove a one-to-one mapping for outbound static NAT.

Syntax

nat static outbound local-ip [ vpn-instance local-name ] global-ip [ vpn-instance global-name ] [ acl

acl-number [ reversible ] ]

undo nat static outbound local-ip [ vpn-instance local-name ]