3Com Switch 8800 Advanced Software V5 Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 9400sl 4-Port 10-GbE Module

991

992

993

994

995

996

997

998

999

1000

NAT Configuration Example 999

■ Configure a connection-limit policy and bind it to the NAT module. Configure

the upper limit of connections as 1000 (based on the source address)

respectively, which means the number of connections initiated from internal

user cannot exceed 1000.

Network diagram

Figure 299 NAT network diagram

Configuration procedure

# Configure an address pool and an ACL.

<Switch> system-view

[Switch] nat address-group 1 202.38.160.101 202.38.160.103

[Switch] acl number 2001

[Switch-acl-basic-2001] rule permit source 10.110.10.0 0.0.0.255

[Switch-acl-basic-2001] quit

# Apply NAT to 10.110.10.1 only

[Switch] vlan 10

[Switch-vlan10] port Ethernet 1/1/1

[Switch-vlan10] quit

[Switch] interface vlan-interface 10

[Switch-Vlan-interface10] nat outbound 2001 address-group 1

[Switch-Vlan-interface10] quit

[Switch] interface nat 2/0/1

[Switch-NAT2/0/1]nat binding interface vlan-interface 10

# Configure the internal FTP server.

[Switch-Vlan-interface10] nat server protocol tcp global 202.38.160.

100

8021 inside 10.110.10.1 ftp

# Configure the internal WWW server 1.

Internet

FTP server

10.110.10.1/16

WWW server 1

10.110.10.2/16

WWW server 2

10.110.10.3/16

SMTP server

10.110.10.4/16

Host A

10.110.10.100/16

Host B

Vlan-int10

Switch