Manualshelf

R0106-HP MSR Router Series Layer 3 - IP Services Command Reference(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router
191192193194195196197198199200
182
When the source IP address of a packet from the private network matches the internal NAT address pool,
the source IP address is translated into a public address in the external NAT address pool. When the
destination IP address of a packet from the public network matches the external NAT address pool, the
destination IP address is translated into a private address in the internal NAT address pool.
If you do not specify an ACL, the source addresses of all outgoing packets and the destination
addresses of all incoming packets are translated.
If you specify an ACL and do not specify the reversible keyword, the source addresses of outgoing
packets permitted by the ACL are translated. The destination addresses of packets originating from
external hosts to the internal are not translated.
If you specify both an ACL and the reversible keyword, the source addresses of outgoing packets
permitted by the ACL are translated. If packets originating from external hosts to the internal are
permitted by ACL reverse matching, the destination address is translated.
Static NAT takes precedence over dynamic NAT when both are configured on an interface.
You can configure multiple outbound static NAT mappings by using the nat static outbound command
and the nat static outbound net-to-net command.
Examples
# Configure an outbound static NAT mapping between internal network address 192.168.1.0/24 and
external network address 2.2.2.0/24.
<Sysname> system-view
[Sysname] nat static outbound net-to-net 192.168.1.1 192.168.1.255 global 2.2.2.0 24
# Configure outbound static NAT. Allow internal users on subnet 192.168.1.0/24 to access the external
subnet 3.3.3.0/24 by using IP addresses on subnet 2.2.2.0/24.
<Sysname> system-view
[Sysname] acl number 3001
[Sysname-acl-adv-3001] rule permit ip destination 3.3.3.0 0.0.0.255
[Sysname-acl-adv-3001] quit
[Sysname] nat static outbound net-to-net 192.168.1.1 192.168.1.255 global 2.2.2.0 24 acl
3001
Related commands
display nat all
display nat static
nat static enable
port-block
Use port block to configure port block parameters for a NAT address group.
Use undo port block to remove port block configuration from a NAT address group.
Syntax
port block block-size block-size [ extended-block-number extended-block-number ]
undo port block
Default
Port block parameters are not configured for a NAT address group.