Configuring Network Address Translation (NAT)
NAT works with DNS by having the DNS Application Specific Gateway (ALG) translate an
address that appears in a Domain Name System response to a name or inverse lookup.
NAT works with FTP by having the FTP ALG translate the FTP control payload. Both FTP PORT
CMD packets and PASV packets, containing IP address information within the data portion, are
supported.
The NAT implementation also supports the translation of the IP address embedded in the data
portion of the following types of ICMP error messages: destination unreachable (type 3), source
quench (type 4), redirect (type 5), time exceeded (type 11) and parameter problem (type 12).
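The FTP control-payload rewriting described above, sketched in Python as an added example (not Enterasys code, and not a description of how the device implements it). It rewrites the host-port field of a PORT command or a 227 PASV reply in the RFC 959 format; the NAT mapping, the addresses and the function name are constructed for illustration.

```python
import ipaddress
import re

# Constructed static mapping: inside local address -> inside global address.
NAT_TABLE = {"10.1.1.20": "203.0.113.20"}

# RFC 959 host-port field: h1,h2,h3,h4,p1,p2 (six decimal byte values).
_HOSTPORT = re.compile(rb"(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?!\d)")


def translate_ftp_control(line: bytes, nat_table: dict) -> tuple:
    """Rewrite the embedded IP in a PORT command or 227 (PASV) reply.

    Returns (new_line, length_delta). A non-zero delta means the TCP payload
    changed size, so a real ALG must also adjust sequence/acknowledgement
    numbers and checksums for the rest of the control connection.
    """
    upper = line.upper()
    if not (upper.startswith(b"PORT ") or upper.startswith(b"227 ")):
        return line, 0  # not a control message that carries an address
    match = _HOSTPORT.search(line)
    if match is None:
        return line, 0
    fields = [int(x) for x in match.groups()]
    if any(f > 255 for f in fields):
        return line, 0  # malformed host-port: pass through untouched
    local_ip = ".".join(str(f) for f in fields[:4])
    global_ip = nat_table.get(local_ip)
    if global_ip is None:
        return line, 0  # address is not subject to translation
    octets = ipaddress.IPv4Address(global_ip).packed
    # Keep p1,p2 unchanged: simple NAT translates the address, not the port.
    rewritten = b",".join(str(b).encode() for b in (*octets, fields[4], fields[5]))
    new_line = line[:match.start()] + rewritten + line[match.end():]
    return new_line, len(new_line) - len(line)


if __name__ == "__main__":
    # Constructed sample control-channel lines.
    for sample in (b"PORT 10,1,1,20,195,80\r\n",
                   b"227 Entering Passive Mode (10,1,1,20,195,80)\r\n",
                   b"USER anonymous\r\n"):
        print(sample, "->", translate_ftp_control(sample, NAT_TABLE))
```

Because the FTP control channel is parsed only on the configured control port, traffic on a non-standard port is not rewritten unless that port is set with ip nat ftp-control-port.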
Purpose
To display and set NAT and NAPT configuration including dynamic pools, static and dynamic
NAT configurations, FTP control port, Force Flows, maximum entries and timeout values, and
clear active translations.
NAT Configuration Task List and Commands
Table 18-1 lists the mandatory and optional tasks and commands for configuring NAT on the
Enterasys Matrix Series device. Commands are described in the associated sections as shown.
Table 18-1 NAT Configuration Task List and Commands

Task: Enable NAT on an inside or outside interface.
Use these commands: ip nat {inside | outside}

Task: Define a NAT address pool.
Use these commands: ip nat pool name start-ip-address end-ip-address {netmask netmask | prefix-length prefix-length}

Task: Enable dynamic translation of inside source addresses.
Use these commands: ip nat inside source [list access-list] pool pool-name [overload | interface vlan vlan-id [overload]]

Task: Enable static NAT translation of inside source addresses.
Use these commands: ip nat inside source static local-ip global-ip

Task: Enable static NAPT translation of inside source addresses.
Use these commands: ip nat inside source static {tcp | udp} local-ip local-port global-ip global-port

Task: Specify the NAT FTP control port.
Use these commands: ip nat ftp-control-port port-number

Task: Block the defined inside IP addresses from ever appearing on an outside interface.
Use these commands: ip nat secure-plus

Task: Configure the maximum number of translation entries.
Use these commands: ip nat translation max-entries number

Task: Configure NAT translation timeout values.
Use these commands: ip nat translation {timeout | udp-timeout | tcp-timeout | icmp-timeout | dns-timeout | ftp-timeout} seconds

Task: Display active NAT translations.
Use these commands: show ip nat translations [verbose]

Task: Display NAT translation statistics.
Use these commands: show ip nat statistics [verbose]

Task: Clear dynamic NAT translations.
Use these commands: clear ip nat translation

Task: Clear a specific active simple NAT translation.
Use these commands: clear ip nat translation inside global-ip local-ip

Task: Clear a specific dynamic NAT translation.
Use these commands: clear ip nat translation {tcp | udp} inside global-ip global-port local-ip local-port