HP VPN Firewall Appliances NAT and ALG Command Reference

(.). Each label has no more than 63 characters that must begin and end with letters or digits. Dashes (-)

can also be included.

protocol pro-type: Specifies the protocol type used by the internal server, tcp or udp.

ip global-ip: Specifies the public IP address used by the internal server to provide services to the external

network.

port global-port: Specifies the port number used by the internal server to provide services to the external

network. The global-port argument is in the range of 1 to 65535.

Usage guidelines

A device can support a maximum of 16 DNS mappings.

Examples

# A company provides Web service to external users. The domain name of the internal server is

www.server.com, and the public IP address is 202.112.0.1. Configure a DNS mapping, so that internal

users can access the Web server using its domain name.

<Sysname> system-view

[Sysname] nat dns-map domain www.server.com protocol tcp ip 202.112.0.1 port www

Related commands

display nat dns-map

nat outbound

Use nat outbound to enable outbound NAT on an interface.

Use undo nat outbound to disable outbound NAT.

Syntax

nat outbound acl-number [ address-group group-number [ vpn-instance vpn-instance-name ] [ no-pat |

port-preserved ] ] [ track vrrp virtual-router-id ]

undo nat outbound acl-number [ address-group group-number [ vpn-instance vpn-instance-name ]

[ no-pat | port-preserved ] ] ] [ track vrrp virtual-router-id ]

Views

Interface view

Default command level

2: System level

Parameters

acl-number: Specifies an ACL number in the range of 2000 to 3999.

address-group group-number: Specifies an address pool for NAT. The IP address of the interface is used

as the translated IP address. That is, Easy IP is enabled.

The following matrix shows the value range for the group-number argument on different firewalls and

firewall modules:

Hardware Value ran

F1000-A-EI/F1000-S-EI 0 to 255

F1000-E 0 to 2047