Configuring Static Nat; Configuration Prerequisites; Configuring Outbound One-To-One Static Nat; Configuring Outbound Net-To-Net Static Nat - HPE FlexNetwork MSR Series Comware 7 Layer 3 - Ip Services Configuration Manuals
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (861 pages) ,
- Comware 5 security configuration manual (547 pages) ,
- Comware 5 layer 2 - wan access configuration manual (420 pages)
Table of Contents
Advertisement
Configuring static NAT
Static NAT includes one-to-one static NAT and net-to-net static NAT for outbound and inbound
translation. Do not configure inbound static NAT alone. Typically, inbound static NAT functions with
outbound dynamic NAT, NAT Server, or outbound static NAT to implement bidirectional NAT.
Configuration prerequisites
Perform the following tasks before configuring static NAT:
•
Configure an ACL to identify the IP addresses to be translated. The match criteria include the
source IP address, source port number, destination IP address, destination port number,
transport layer protocol, and VPN instance. For more information about ACLs, see ACL and
QoS Configuration Guide.
•
Manually add a route for inbound static NAT. Use local-ip or local-network as the destination
address, and use global-ip, an address in global-network, or the next hop directly connected to
the output interface as the next hop.
Configuring outbound one-to-one static NAT
For address translation from a private IP address to a public IP address, configure outbound
one-to-one static NAT on the interface connected to the external network.
•
When the source IP address of a packet from the private network matches the local-ip, the
source IP address is translated into the global-ip.
•
When the destination IP address of a packet from the public network matches the global-ip, the
destination IP address is translated into the local-ip.
To configure outbound one-to-one static NAT:
Step
1.
Enter system view.
2.
Configure a one-to-one
mapping for outbound static
NAT.
3.
Return to system view.
4.
Enter interface view.
5.
Enable static NAT on the
interface.
Configuring outbound net-to-net static NAT
For address translation from a private network to a public network, configure outbound net-to-net
static NAT on the interface connected to the external network.
•
When the source IP address of a packet from the private network matches the private address
range, the source IP address is translated into a public address in the public address range.
Command
system-view
nat static outbound local-ip
[ vpn-instance
local-vpn-instance-name ]
global-ip [ vpn-instance
global-vpn-instance-name ] [ acl
{ ipv4-acl-number | name
ipv4-acl-name } [ reversible ] ]
[ disable ]
quit
interface interface-type
interface-number
nat static enable
142
Remarks
N/A
By default, no mappings exist.
If you specify the acl keyword,
NAT processes only packets
matching the permit rule in the
ACL.
N/A
N/A
By default, static NAT is disabled.
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the FlexNetwork MSR Series and is the answer not in the manual?