R0106-HP MSR Router Series Layer 3 - IP Services Configuration Guide(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

141

142

143

144

145

146

147

148

149

150

132

# Configure ACL 2000, and create a rule to permit packets only from segment 192.168.1.0/24 to pass

through.

[Router] acl number 2000

[Router-acl-basic-2000] rule permit source 192.168.1.0 0.0.0.255

[Router-acl-basic-2000] quit

# Enable outbound dynamic PAT on interface GigabitEthernet 2/1/2. The source IP addresses of the

packets permitted by the ACL rule is translated into the addresses in address group 0.

[Router] interface gigabitethernet 2/1/2

[Router-GigabitEthernet2/1/2] nat outbound 2000 address-group 0

[Router-GigabitEthernet2/1/2] quit

Verifying the configuration

# Verify that Host A can access the WWW server, while Host B cannot. (Details not shown.)

# Display all NAT configuration and statistics.

[Router] display nat all

NAT address group information:

There are 1 NAT address groups.

Address group 0:

Address information:

Start address End address

202.38.1.2 202.38.1.3

NAT outbound information:

There are 1 NAT outbound rules.

Interface: GigabitEthernet2/1/2

ACL: 2000 Address group: 0 Port-preserved: N

NO-PAT: N Reversible: N

NAT logging:

Log enable : Disabled

Flow-begin : Disabled

Flow-end : Disabled

Flow-active : Disabled

Port-block-assign : Disabled

Port-block-withdraw : Disabled

Alarm : Disabled

NAT mapping behavior:

Mapping mode: Address and Port-Dependent

ACL : ---

NAT ALG:

DNS : Enabled

FTP : Enabled

H323 : Enabled

ICMP-ERROR : Enabled

ILS : Enabled

MGCP : Enabled