Manualshelf

HP VPN Firewall Appliances NAT and ALG Command Reference

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
21222324252627282930
21
vpn-instance local-name: Specifies the VPN to which the internal IP address belongs. The local-name
argument is a case-sensitive string of 1 to 31 characters. Without this option, the internal IP address does
not belong to any VPN.
global-ip: Specifies the external IP address.
vpn-instance global-name: Specifies the VPN to which the external IP address belongs. The global-name
argument is a case-sensitive string of 1 to 31 characters. Without this option, the external IP address does
not belong to any VPN.
Examples
# In system view, configure static NAT mapping between internal IP address 192.168.1.1 and external IP
address 2.2.2.2.
<Sysname> system-view
[Sysname] nat static 192.168.1.1 2.2.2.2
# Configure static NAT to allow the internal host 192.168.1.1 to access only the external network
3.3.3.0/24 by using the external IP address 2.2.2.2.
<Sysname> system-view
[Sysname] acl number 3001
[Sysname-acl-adv-3001] rule permit ip destination 3.3.3.0 0.0.0.255
[Sysname-acl-adv-3001] quit
[Sysname] nat static 3001 192.168.1.1 2.2.2.2
Related commands
display nat static
nat static net-to-net
Use nat static net-to-net to configure a net-to-net static NAT mapping.
Use undo nat static net-to-net to remove a net-to-net static NAT mapping.
Syntax
nat static [ acl-number ] net-to-net local-network [ vpn-instance local-name ] global-network
[ vpn-instance global-name ] { mask-length | mask }
undo nat static [ acl-number ] net-to-net local-network [ vpn-instance local-name ] global-network
[ vpn-instance global-name ] { mask-length | mask }
Views
System view
Default command level
2: System level
Parameters
acl-number: Specifies an ACL number in the range of 2000 to 3999. You can use an ACL to control the
access traffic between internal and external hosts. Only hosts permitted by an ACL can be performed
static NAT. local-network: Internal network address.
vpn-instance local-name: Specifies the VPN to which the internal network belongs. The local-name
argument is a case-sensitive string of 1 to 31 characters. Without this option, the internal network does
not belong to any VPN.