Manualshelf

3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
919293949596979899100
Displaying and Debugging NAT 91
Displaying and
Debugging NAT
After the above configuration, execute the display command in all views to
display the running of the NAT configuration, and to verify the effect of the
configuration.
Execute the reset command in user views to clear the running.
Execute the debugging command in user view for the debugging of NAT.
NAT Configuration
Example
Network requirements
As shown in Figure 18, an enterprise is connected to WAN by the address
translation function of the IPsec module. It is required that the enterprise can
access the Internet via the IPsec module, and provide www, ftp and smtp services
to the outside. The address of the internal ftp server is 10.0.1.2/24. The address of
the internal www server is 10.0.1.1/24. The address of the internal smtp server is
10.0.1.3/24. It is expected to provide uniform server IP address to the outside.
Internal network segment 10.0.0.0/24 may access Internet, but PC on other
segments cannot access Internet. External PC may access internal server. The
enterprise has six legal IP addresses from 202.38.160.100 to 202.38.160.105.
Choose 202.38.160.100 to be the external IP address of the enterprise.
Tab le 83 Display and debug NAT
Operation Command
Check NAT status
display nat { address-group | aging-time | all |
outbound | server | statistics | session [ source { global
global-addr | source inside inside-addr } ] }
Enable the debugging of NAT
debugging nat { alg | event | packet [ interface {
interface-type interface-number ] }
Disable the debugging of NAT
undo debugging nat { alg | event | packet [ interface
interface-type interface-number ] }
Clear NAT mapping table reset nat{ log-entry | session slot slot-number }