Manualshelf

HP VPN Firewall Appliances NAT and ALG Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
51525354555657585960
55
192.168.1.5 <-> 201.1.1.1 : (14001 - 15000 )
192.168.1.6 <-> 201.1.1.1 : (15001 - 16000 )
192.168.1.7 <-> 201.1.1.1 : (16001 - 17000 )
192.168.1.8 <-> 201.1.1.1 : (17001 - 18000 )
192.168.1.9 <-> 201.1.1.1 : (18001 - 19000 )
192.168.1.10 <-> 201.1.1.1 : (19001 - 20000 )
192.168.1.11 <-> 201.1.1.2 : (10001 - 11000 )
192.168.1.12 <-> 201.1.1.2 : (11001 - 12000 )
192.168.1.13 <-> 201.1.1.2 : (12001 - 13000 )
192.168.1.14 <-> 201.1.1.2 : (13001 - 14000 )
192.168.1.15 <-> 201.1.1.2 : (14001 - 15000 )
192.168.1.16 <-> 201.1.1.2 : (15001 - 16000 )
192.168.1.17 <-> 201.1.1.2 : (16001 - 17000 )
192.168.1.18 <-> 201.1.1.2 : (17001 - 18000 )
192.168.1.88 <-> 201.1.1.9 : (17001 - 18000 )
192.168.1.89 <-> 201.1.1.9 : (18001 - 19000 )
192.168.1.90 <-> 201.1.1.9 : (19001 - 20000 )
192.168.1.91 <-> 201.1.1.10 : (10001 - 11000 )
192.168.1.92 <-> 201.1.1.10 : (11001 - 12000 )
192.168.1.93 <-> 201.1.1.10 : (12001 - 13000 )
192.168.1.94 <-> 201.1.1.10 : (13001 - 14000 )
192.168.1.95 <-> 201.1.1.10 : (14001 - 15000 )
192.168.1.96 <-> 201.1.1.10 : (15001 - 16000 )
192.168.1.97 <-> 201.1.1.10 : (16001 - 17000 )
192.168.1.98 <-> 201.1.1.10 : (17001 - 18000 )
192.168.1.99 <-> 201.1.1.10 : (18001 - 19000 )
192.168.1.100 <-> 201.1.1.10 : (19001 - 20000 )
Configure a dynamic NAT444 IP-port mapping:
# Configure address pool 1.
<Sysname> System-view
[Sysname] nat address-group 1 201.1.1.1 201.1.1.10
# Create ACL 3000, permitting packets from 192.168.1.0 to pass through.
[Sysname] acl number 3000
[Sysname-acl-adv-3000] rule 0 permit ip source 192.168.1.0 0.0.0.255
[Sysname-acl-adv-3000] quit
# Configure a dynamic NAT444 IP-port mapping.
[Sysname] interface Ten-GigabitEthernet0/0.1002
[Sysname-Ten-GigabitEthernet0/0.1002] vlan-type dot1q vid 1002
[Sysname-Ten-GigabitEthernet0/0.1002] nat444 outbound 3000 address-group 1
port-range 10001 20000 block-size 1000
[Sysname-Ten-GigabitEthernet0/0.1002] ip address 202.1.1.1 255.255.255.0
[Sysname-Ten-GigabitEthernet0/0.1002] quit
# Enable NAT444 logging.
[Sysname] nat444 log user
[Sysname] nat444 log session-start
# Display dynamic IP-port mappings. (The output varies with device models.)