Cisco 4700M Configuration Manual page 348
Application control engine appliance security
Hide thumbs
Also See for 4700M:
- Administration manual (292 pages) ,
- Upgrade manual (24 pages) ,
- Installation manual (18 pages)
Table of Contents
Advertisement
Configuring Server Farm-Based Dynamic NAT
Table 5-2
Task and Command Example
5.
6.
7.
8.
9.
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
5-22
Sever Farm-Based Dynamic NAT Configuration Quick Start
(continued)
Configure a local interface (client VLAN) to filter and receive client traffic.
If you are operating the ACE in one-arm mode, omit this step.
host1/C1(config)# interface vlan 100
host1/C1(config-if)# mtu 1500
host1/C1(config-if)# ip address 192.168.12.100 255.255.255.0
host1/C1(config-if)# no shutdown
host1/C1(config-if)# exit
Configure a second interface (server VLAN) for the NAT pool.
host1/C1(config)# interface vlan 200
host1/C1(config-if)# mtu 1500
host1/C1(config-if)# ip address 172.27.16.200 255.255.255.0
host1/C1(config-if)# no shutdown
host1/C1(config-if)# exit
Configure a Layer 7 load-balancing class map and define match criteria.
host1/C1(config)# class-map type http loadbalance match-any
L7_CLASS
host1/C1(config-cmap-http-lb)# match http content .*cisco.com
Configure a Layer 7 load-balancing policy map and associate the class map
with the policy map.
host1/C1(config)# policy-map type loadbalance http first-match
L7_POLICY
host1/C1(config-pmap-lb)# class L7_CLASS
host1/C1(config-pmap-lb-c)#
Configure server farm-based dynamic NAT as a policy-map action in the
Layer 7 load-balancing policy. You can configure multiple instances of this
command for each primary and backup serverfarm and each outgoing server
VLAN.
host1/C1(config-pmap-lb-c)# nat dynamic 1 vlan 200 serverfarm
primary
host1/C1(config-pmap-lb-c)# exit
host1/C1(config-pmap-lb)# exit
host1/C1(config)#
Chapter 5
Configuring Network Address Translation
OL-16202-01
Advertisement
Table of Contents
