Manualshelf

HP VPN Firewall Appliances NAT and ALG Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
11121314151617181920
8
Item Descri
tion
End IP Address
Specify the end IP address of the address pool.
The end IP address must be identical to or higher than the start IP address.
Low priority
Configure the address pool as a low-priority or a non low-priority address pool.
IMPORTANT:
This configuration item is applicable for asymmetric-path stateful failover only. The
low priority settings for the local and peer devices must be different.
Configuring dynamic NAT on an interface
1. From the navigation tree, select Firewall > NAT Policy > Dynamic NAT.
The dynamic NAT configuration page appears, as shown in Figure 5.
2. In the Dynamic NAT area, click Add to enter the Add Dynamic NAT page.
Figure 7 Adding Dynamic NAT page
3. Configure dynamic NAT on an interface as described in Table 2.
4. Click Apply.
Table 2 Configuration items
Item Descri
tion
Interface Specify an interface on which dynamic NAT is to be enabled.
ACL
Specify an ACL for dynamic NAT.
You cannot associate an ACL with multiple NAT address pools, or associate an ACL
with both Easy IP and an address pool.
IMPORTANT:
On some devices, the rules of an ACL applied on an interface cannot conflict with one
another, that is, rules with the same source IP address, destination IP address, and VPN
instance are considered as a conflict. In a basic ACL (numbering 2000 to 2999), rules
with the same source IP address and VPN instance are considered as a conflict.