Manualshelf

HP VPN Firewall Appliances NAT and ALG Command Reference

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
21222324252627282930
17
protocol pro-type: Specifies a protocol type. pro-type supports TCP, UDP, and ICMP. If ICMP is specified,
do not specify port number for the internal server.
global-address: Specifies the public IP address for the internal server.
current-interface: Uses the current interface address as the external IP address for the internal server.
interface: Uses a specific interface address as the external IP address for the internal server, enabling
Easy IP.
interface-type interface-number: Specifies the interface type and interface number. Only loopback
interface is supported and must be configured. Otherwise the configuration is considered illegal.
global-port1, global-port2: Specifies a range of ports that have a one-to-one correspondence with the IP
addresses of the internal hosts. The global-port2 argument must be greater than global-port1.
local-address1, local-address2: Defines a consecutive range of addresses that have a one-to-one
correspondence with the range of ports. The local-address2 argument must be greater than
local-address1 and that the number of addresses must match that of the specified ports.
local-port: Specifies the port number provided by the internal server, in the range of 0 to 65535,
excluding FTP port number 20.
You can use the service names to represent those well-known port numbers. For example, you can
use www to represent port number 80, ftp to represent port number 21, and so on.
You can use the keyword any to represent port number 0, which means all types of services are
supported. This has the same effect as a static translation between the global-address and
local-address.
global-port: Specifies the global port number for the internal server, in the range of 0 to 65535.
local-address: Specifies the internal IP address of the internal server.
vpn-instance global-name: Specifies the VPN to which the advertised external network address belongs.
The global-name argument is a case-sensitive string of 1 to 31 characters. Without this option, the
advertised external IP address does not belong to any VPN.
vpn-instance local-name: Specifies the VPN to which the internal server belongs. The local-name
argument is a case-sensitive string of 1 to 31 characters. Without this parameter, the internal server does
not belong to any VPN.
remote-host host-address: Specifies the IP address of the remote host accessing the internal server.
lease-duration lease-time: Specifies the valid time of the service provided by the internal server. The
lease-time argument indicates the valid time in seconds, in the range of 0 to 4294967295. The value 0
indicates that the service never expires.
description string: Displays detailed information about the internal server. The string argument is a
case-insensitive string of 1 to 256 characters.
track vrrp vi
rtual
-router-id: Associates the internal server with a VRRP group. The virtual-router-id
argument indicates the number of the VRRP group to be associated. Without this option specified, no
VRRP group is associated.
Usage guidelines
Using the address and port defined by the global-address and global-port parameters, external users
can access the internal server with an IP address of local-address and a port of local-port.
If one of the two arguments global-port and local-port is set to any, the other must also be any or remain
undefined.