3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide
328 CHAPTER 19: NAT CONFIGURATION COMMANDS
c
CAUTION:
■ The length of an address pool (numbers of all addresses contained in an
address pool) cannot exceed 255.
■ The address pool cannot be deleted, if it has been correlated to some certain
access control list to perform the address translation.
Example
# Configure an address pool from 202.110.10.10 to 202.110.10.15, with its NAT
pool ID being 1.
[SecBlade_FW] nat address-group 1 202.110.10.10 202.110.10.15
nat aging-time Syntax
nat aging-time { default | { dns | ftp-ctrl | ftp-data | icmp | pptp | tcp | tcp-fin
| tcp-syn | udp } seconds }
View
System view
Parameter
default: Sets the address translation lifetime values to the defaults.
dns: Sets the address translation lifetime for DNS, which defaults to 60 seconds.
ftp-ctrl: Sets the address translation lifetime for FTP control links, which defaults
to 7200 seconds.
ftp-data: Sets the address translation lifetime for FTP data links, which defaults to
300 seconds.
icmp: Sets the address translation lifetime for ICMP, which defaults to 60 seconds.
pptp: Sets the address translation lifetime for PPTP, which defaults to 86400
seconds.
tcp: Sets the address translation lifetime for TCP, which defaults to 86400
seconds.
tcp-fin: Sets the address translation lifetime for TCP FIN or TCP RST connections,
which defaults to 60 seconds.
tcp-syn: Sets the address translation lifetime for TCP SYN connections, which
defaults to 60 seconds.
udp: Sets the address translation lifetime for UDP, which defaults to 300 seconds.
seconds: Time value, in the range 10 to 86400 (24 hours).
Description
Use the nat aging-time command to set the lifetime of NAT connections.
This command is used to set the lifetime of address translation connection in
seconds, and different time values are set for different types of protocols. The