Manualshelf

HP VPN Firewall Appliances NAT and ALG Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
12345678910
i
Contents
Configuring NAT ·························································································································································· 1
Overview ············································································································································································ 1
NAT control ······························································································································································· 2
NAT operation ·························································································································································· 2
Address translation ··················································································································································· 5
Low-priority address pool ········································································································································ 5
Configuration guidelines ·················································································································································· 6
Configuring NAT in the Web interface ·························································································································· 6
Recommended configuration procedure ················································································································ 6
Creating an address pool ······································································································································· 7
Configuring dynamic NAT on an interface ··········································································································· 8
Creating a static address mapping ························································································································ 9
Enabling static NAT on an interface ··················································································································· 11
Configuring an internal server ····························································································································· 11
Configuring ACL-based NAT on the internal server ·························································································· 16
Configuring DNS mapping ·································································································································· 17
NAT configuration example ································································································································· 17
Internal server configuration example ················································································································· 20
Configuring NAT at the CLI ·········································································································································· 23
NAT configuration task list ··································································································································· 23
Configuring static NAT ········································································································································· 24
Configuring dynamic NAT ··································································································································· 24
Configuring an internal server ····························································································································· 26
Configuring ACL-based NAT on an internal server ··························································································· 27
Configuring DNS mapping ·································································································································· 28
Displaying and maintaining NAT ························································································································ 28
One-to-one static NAT configuration example ··································································································· 28
Dynamic NAT configuration example ················································································································· 29
Common internal server configuration example ································································································ 30
NAT DNS mapping configuration example ······································································································· 31
Troubleshooting NAT ····················································································································································· 32
Symptom 1 ····························································································································································· 32
Solution ··································································································································································· 32
Symptom 2 ····························································································································································· 32
Solution ··································································································································································· 32
Configuring NAT-PT ··················································································································································· 34
Overview ········································································································································································· 34
Basic concepts ······················································································································································· 34
NAT-PT mechanism ··············································································································································· 34
NAT-PT prefix ························································································································································· 35
Implementing NAT-PT ············································································································································ 35
Session initiated by an IPv6 host ························································································································· 35
Session initiated by an IPv4 host ························································································································· 36
NAT-PT limitations ················································································································································· 36
Protocols and standards ······································································································································· 37
NAT-PT configuration task list ······································································································································· 37
Configuration prerequisites ··········································································································································· 37
Enabling NAT-PT ···························································································································································· 38