NAT logging:
Log enable : Disabled
Flow-begin : Disabled
Flow-end
Flow-active: Disabled
NAT mapping behavior:
Mapping mode: Address and Port-Dependent
ACL
NAT ALG:
DNS: Enabled
FTP: Enabled
H323: Enabled
ICMP-ERROR: Enabled
# Use the display nat session verbose command to display NAT session information generated when
external hosts access an internal FTP server.
[Router] display nat session verbose
Initiator:
Source
Destination IP/port: 202.38.1.1/21
VPN instance/VLAN ID/VLL ID: -/-/-
Protocol: TCP(6)
Responder:
Source
Destination IP/port: 202.38.1.25/53957
VPN instance/VLAN ID/VLL ID: -/-/-
Protocol: TCP(6)
State: TCP_ESTABLISHED
Application: FTP
Start time: 2012-08-16 11:06:07
Interface(in) : GigabitEthernet1/2
Interface(out): GigabitEthernet1/1
Initiator->Responder:
Responder->Initiator:
Total sessions found: 5
NAT with DNS mapping configuration example
Network requirements
As shown in
provide services for external user. The company has three public addresses 202.38.1.1 through
202.38.1.3. The DNS server at 202.38.1.4 is on the external network.
10.110.10.2/21
10.110.10.3/21
: Disabled
: ---
IP/port: 202.38.1.25/53957
IP/port: 10.110.10.3/21
Figure
62, the internal Web server at 10.1 10.10.1/16 and FTP server at 10.1 10.10.2/16
(Connections: 2)
(Connections: 2)
TTL: 26s
1 packets
60 bytes
2 packets
120 bytes
150