Manualshelf

HP VPN Firewall Appliances NAT and ALG Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
12345678910
ii
Configuring a NAT-PT prefix ········································································································································ 38
Configuring IPv4/IPv6 address mappings on the IPv6 side ······················································································ 38
Configuring a static mapping on the IPv6 side ·································································································· 38
Configuring a dynamic mapping policy on the IPv6 side ················································································ 39
Configuring IPv4/IPv6 address mappings on the IPv4 side ······················································································ 40
Configuring a static mapping on the IPv4 side ·································································································· 40
Configuring a dynamic mapping policy on the IPv4 side ················································································ 41
Setting the ToS field after NAT-PT translation ············································································································· 41
Setting the traffic class field after NAT-PT translation ································································································· 41
Configuring static NAPT-PT mappings of IPv6 servers ······························································································· 42
Displaying and maintaining NAT-PT ···························································································································· 42
NAT-PT configuration examples ··································································································································· 43
Configuring dynamic mapping on the IPv6 side ······························································································· 43
Network requirements ··········································································································································· 43
Configuration procedure ······································································································································ 43
Configuring static mappings on the IPv4 side and the IPv6 side ····································································· 44
Network requirements ··········································································································································· 44
Configuration procedure ······································································································································ 44
Troubleshooting NAT-PT ················································································································································ 45
Symptom ································································································································································· 45
Solution ··································································································································································· 45
NAT444 ······································································································································································ 47
Feature and hardware compatibility ···························································································································· 47
Overview ········································································································································································· 47
Features ··········································································································································································· 47
Assigning port blocks ············································································································································ 47
Static mappings ····················································································································································· 48
NAT unlimited connection ···································································································································· 49
User connection limit ············································································································································· 49
Full cone NAT ························································································································································ 49
Multiple routing protocols ····································································································································· 49
NAT444 configuration task list ····································································································································· 49
Configuring NAT444 static IP-port mappings············································································································· 50
Configuring NAT444 dynamic IP-port mappings ······································································································· 50
Configuration prerequisites ·································································································································· 51
Configuration procedure ······································································································································ 51
Configuring Full cone NAT ··········································································································································· 51
Configuring NAT444 logging ······································································································································ 52
Displaying and maintaining NAT444 ························································································································· 52
NAT444 configuration examples ································································································································· 53
Network requirements ··········································································································································· 53
Configuration procedure ······································································································································ 54
Configuring ALG ························································································································································ 57
ALG process ··································································································································································· 58
Configuring ALG in the Web interface ························································································································ 59
Configuration procedure ······································································································································ 59
FTP ALG configuration example ·························································································································· 59
SIP/H.323 ALG configuration example ············································································································· 61
NBT ALG configuration example ························································································································· 64
Configuring ALG at the CLI ··········································································································································· 68
FTP ALG configuration example ·························································································································· 68
SIP/H.323 ALG configuration example ············································································································· 68
NBT ALG configuration example ························································································································· 69