Manualshelf

3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
81828384858687888990
84 CHAPTER 6: NAT CONFIGURATION
2 Configuring static inside ip NAT table
Static NAT function only converts the network addresses and remains the host
addresses unchanged.
Perform the following configuration in system view.
The nat static inside ip and nat static commands create two different types of
static NAT entries. Note that the two types cannot be in conflict.
c
CAUTION: When configuring static inside ip NAT, you must make sure that the
addresses after translation are not used by other devices in the network topology.
3 Applying static NAT entries on the interface
Perform the following configuration in interface view.
Configuring many-to-many NAT
The many-to-many NAT is accomplished by associating the ACL with the NAT
pool.
Perform the following configuration under the interface view.
Configuring NAPT
While associating the ACL and NAT pool, the selected no-pat parameter denotes
that only the IP address but the port information is translated, i.e. not using NAPT
function; whereas the omit of the no-pat parameter denotes using the NAPT
function.
By default, the NAPT function is active.
Perform the following configuration in interface view.
Tabl e 74 Configure static inside ip NAT table
Operation Command
Configure a static inside ip
NAT table
nat static inside ip inside-start-address inside-end-address
global global-address mask
Remove the existing static
inside ip NAT table
undo nat static inside ipinside-start-address
inside-end-address global global-address mask
Tabl e 75 Apply static NAT entries on the interface
Operation Command
Apply the configured static NAT entries on the interface nat outbound static
Disable the configured static entries on the interface undo nat outbound static
Tabl e 76 Configure many-to-many NAT
Operation Command
Add association for access control list and
address pool
nat outbound acl-number [ address-group
group-number [ no-pat ] ]
Delete association for access control list and
address pool
undo nat outbound acl-number [
address-group group-number [ no-pat ] ]