8.4.3
NAT Configuration
Configuration using CLI
[SNAT Configuration using Access List]
To add Source NAT (SNAT) using an access-list, execute the command as follows:
1) Go to the configure mode of the CLI.
WEC8500# configure terminal
2) Create an access-list.
WEC8500/configure# access-list fw fw1 deny any 10.10.10.10/32 any
3) Create a NAT pool.
WEC8500/configure# ip nat pool pool1 30.30.30.1 30.30.30.1
255.255.255.0
4) Configure a NAT to the interface.
WEC8500/configure# interface vlan1.30
WEC8500/configure/interface vlan1.30# ip nat inside
WEC8500/configure/interface vlan1.30#exit
5) Add the NAT rule by using access-list and pool.
WEC8500/configure# ip nat outside source list fw1 pool pool1
© SAMSUNG Electronics Co., Ltd.
Figure 234. Access-list configuration
CHAPTER 8. Security
page 427 of 689