Manualshelf

3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
81828384858687888990
NAT Configuration 83
Configuring NAT The NAT is accomplished by associating address pool with ACL. The association
creates a relationship between such IP packets, characterized in the ACL, and that
addresses, defined in the address pool. When a packet is transferred from inner
network to outer network, first, the packet is filtered by the ACL to let it out, then
the association between the ACL and address pool is used to find an address,
which will later serve actually as the translated address.
The configuration of ACL is discussed in “ACL Configuration”.
The configuration varies from kinds to kinds of NAT.
Easy IP
The NAT command without the address-group parameter functions as the nat
outbound acl-number command, implementing the "easy-ip" feature. When
performing address translation, the IP address of the interface is used as the
translated address and the ACL can be used to control which addresses can be
translated.
Perform the following configuration under the interface view.
Associating ACL with Loopback interface address
Perform the following configuration in interface view.
The source address of the data packets that match the ACL will be replaced with
the IP specified address of the Loopback interface.
Configuring static NAT table
1 Configuring static one-to-one NAT table
Perform the following configuration in system view.
Tab le 71 Configure Easy IP
Operation Command
Add association for access control list and address pool nat outbound acl-number
Delete association for access control list and address
pool
undo nat outbound acl-number
Tab le 72 Associate ACL with Loopback interface address
Operation Command
Associate the ACL with the specified
Loopback interface address
nat outbound acl-number interface
interface-type interface-number
Remove the association between the ACL and
Loopback interface address
undo nat outbound acl-number interface
interface-type interface-number
Tab le 73 Configure a one-to-one private-to-public address binding
Operation Command
Configure a one-to-one private-to-public
address binding.
nat static ip-addr1 ip-addr2
Delete an existing one-to-one
private-to-public address binding.
undo nat static ip-addr1 ip-addr2