1. Manuals
  2. Brands
  3. H3C Manuals
  4. Network Router
  5. S9500 Series
  6. Command manual

H3C S9500 Series Command Manual page 24

Routing switches
Hide thumbs Also See for S9500 Series:
Table of Contents

Advertisement

Command Manual – NAT
H3C S9500 Series Routing Switches
Caution:
Up to 256 internal server translation commands can be configured for a VLAN
interface.
One command can be used to configure up to 128 internal servers.
Up to 4,096 internal TCP and UDP servers can be configured for a VLAN interface.
Only the same NAT LPU can be configured for a VLAN interface.
Up to 1,024 internal server translation commands are supported by the system.
Up to 512 AnyServers are supported by the system.
The public address of an AnyServer cannot conflict with any interface public IP
addresses or other public addresses used by NAT; the private address of the
AnyServer cannot conflict with those configured in the static address translation
entries or those of the servers of the same protocol.
Do not execute the undo nat server command too often after the configuration is
stable.
Address translation is performed on the NAT LPU. Because packets sent from the
private network will not be delivered to the NAT LPU by default, you need to
reference QACLs on the receiving interface to redirect those packets to the NAT
LPU. You do not need to specify the DIP in the response packet sent from the public
network because it is the public network address corresponding to the internal
server.
IP addresses cannot be used as vpn-name. If you use IP addresses as VPN names,
the CLI treats them as IP addresses uniformly.
The interface configured with this command should be connected to the ISP and acts
as the egress of the internal network.
Examples
# Specify the IP address of the internal WWW server in the LAN VPN1 as 10.110.10.10,
the IP address of the internal FTP server as 10.110.10.11, and allow external hosts to
access the WWW server and FTP server by http://202.110.10.10:8080 and
ftp://202.110.10.10 respectively. Specify the IP address of the internal server providing
TCP and UDP services as 10.110.10.12 and the corresponding external address as
202.110.10.12. Suppose that VLAN-interface 2 is connected to the ISP.
<H3C> system-view
[H3C] interface Vlan-interface 2
[H3C-Vlan-interface2] nat server protocol tcp global 202.110.10.10 8080 inside
VPN1 10.110.10.10 www slot 3
[H3C-Vlan-interface2] nat server protocol tcp global 202.110.10.10 ftp inside
VPN1 10.110.10.10 ftp slot 3
Chapter 1 NAT Configuration Commands
1-23

Advertisement

Table of Contents
loading

Related Manuals for H3C S9500 Series

Related Products for H3C S9500 Series

Table of Contents