Manualshelf

HP VPN Firewall Appliances NAT and ALG Command Reference

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
21222324252627282930
20
local-port: Specifies the port number provided by the internal server, in the range of 0 to 65535,
excluding FTP port number 20.
You can use the service names to represent those well-known port numbers. For example, you can
use www to represent port number 80, ftp to represent port number 21, and so on.
You can use the keyword any to represent port number 0, which means all types of services are
supported. This has the same effect as a static translation between the global-address and
local-address.
vpn-instance local-name: Specifies the VPN to which the internal server belongs. The local-name
argument is a case-sensitive string of 1 to 31 characters. Without this parameter, the internal server does
not belong to any VPN.
Examples
# Create ACL 3000 to permit packets with the destination address 202.110.10.100/24. The address is
the public address of the internal server.
<Sysname> system-view
[Sysname] acl number 3000
[Sysname-acl-adv-3000] rule permit ip destination 202.110.10.100 0.0.0.255
[Sysname-acl-adv-3000] quit
# Allow packets permitted by the ACL to access the internal Web server 192.168.0.1. Assume that the
interface GigabitEthernet 0/1 is connected to the external network.
[Sysname] interface gigabitethernet 0/1
[Sysname-GigabitEthernet0/1] nat server protocol tcp global 3000 inside 192.168.0.1 www
Related commands
display nat server
nat static
Use nat static to configure a one-to-one static NAT mapping.
Use undo nat static to remove a one-to-one static NAT mapping.
Syntax
nat static [ acl-number ] local-ip [ vpn-instance local-name ] global-ip [ vpn-instance global-name ]
undo nat static [ acl-number ] local-ip [ vpn-instance local-name ] global-ip [ vpn-instance global-name ]
Views
System view
Default command level
2: System level
Parameters
acl-number: Specifies an ACL number in the range of 2000 to 3999. You can use an ACL to control the
access traffic between internal and external hosts. Only hosts permitted by an ACL can be performed
static NAT.
local-ip: Specifies the internal IP address.