Nat Vpn Limit - H3C S9500 Series Command Manual

Command Manual – NAT
H3C S9500 Series Routing Switches
Caution:
You need to configure QACL redirection after binding VLAN 192 to the VPN.

1.1.22 nat vpn limit

Syntax
nat vpn limit [ vpn-instance vpn-name ] user-limit flow-limit
undo nat vpn limit [ vpn-instance vpn-name ]
View
System view
Parameters
vpn-instance vpn-name: Name of a VPN instance. If this argument is not specified, it
limits the number of users and connections in the non-VPN private network side.
user-limit: Maximum number of users in a VPN translated by NAT. The sum of the
maximum user numbers configured in VPNs cannot exceed 8,192.
flow-limit: Maximum number of unidirectional connections in a VPN translated by NAT.
The sum of the maximum connection numbers configured in VPNs cannot exceed
1,257,291.
Description
Use the nat vpn limit command to configure the maximum numbers of users and
connections in the specified VPN. You must configure this command before configuring
NAT bindings and blacklists. Because NP need not set up streams for NAT translation
in the NO-PAT mode, this command is effective only for NAT translation in the PAT
mode.
Use the undo nat vpn limit command to disable the configured maximum numbers of
users and connections in the specified VPN.
The maximum number of connections configured in the blacklist is limited by the
maximum number of connections in the VPN. If the number of streams established in
the VPN has reached the upper limit, you cannot create new connections any more.
Chapter 1 NAT Configuration Commands
1-27