Manualshelf

HP VPN Firewall Appliances NAT and ALG Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
51525354555657585960
54
Figure 38 A CR with 1 to n NAT444 gateways network diagram
Configuration procedure
This configuration example is only for the NAT444 device. For configurations about other network
devices, see the descriptions about the related features.
Configure a static NAT444 IP-port mapping:
# Configure a static NAT444 IP-port mapping.
<Sysname> system-view
[Sysname] nat444 static local 192.168.1.1 192.168.1.100 global 201.1.1.1 201.1.1.10
port-range 10001 20000 block-size 1000
# Enable static NAT444 on the outbound interface to make the IP-port mapping take effect.
[Sysname] interface ten-gigabitethernet0/0.1002
[Sysname-Ten-GigabitEthernet0/0.1002] nat444 outbound static
[Sysname-Ten-GigabitEthernet0/0.1002] quit
# Enable NAT444 logging.
[Sysname] nat444 log user
[Sysname] nat444 log session-start
[Sysname] quit
# Display static NAT444 IP-port mappings. (The output varies with device models.)
<Sysname> display nat444 static-ip-port-block
NAT ip-port-assign table:
Local-ip <-> Global-ip : (Port1 - Port2 )
192.168.1.1 <-> 201.1.1.1 : (10001 - 11000 )
192.168.1.2 <-> 201.1.1.1 : (11001 - 12000 )
192.168.1.3 <-> 201.1.1.1 : (12001 - 13000 )
192.168.1.4 <-> 201.1.1.1 : (13001 - 14000 )
IPv4 network IPv6 network
MAN
CR-1 CR-2
BRAS-2 BRAS-1 SR-1
Bridging users
Routing users
b) Centralized inserted card NAT444
SR-2
NAT444-1
NAT444-2
IPv4 network IPv6 network
MAN
CR-1 CR-2
BRAS-2 BRAS-1 SR-1
NAT444-1
NAT444-2
Bridging users
Routing users
a) Centralized bypass NAT444
NAT444-3
NAT444-4
SR-2