Nat dns mapping configuration example, Network requirements, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual
Page 36
29
# Configure the internal FTP server.
[SecPath-GigabitEthernet0/2] nat server protocol tcp global 202.38.1.1 21 inside
10.110.10.3 ftp
# Configure the internal Web server 1.
[SecPath-GigabitEthernet0/2] nat server protocol tcp global 202.38.1.1 80 inside
10.110.10.1 www
# Configure the internal Web server 2.
[SecPath-GigabitEthernet0/2] nat server protocol tcp global 202.38.1.1 8080 inside
10.110.10.2 www
# Configure the internal SMTP server.
[SecPath-GigabitEthernet0/2] nat server protocol tcp global 202.38.1.1 smtp inside
10.110.10.4 smtp
[SecPath-GigabitEthernet0/2] quit
# Bind the NAT service interface 5/1 with GigabitEthernet 0/2.
[SecPath] interface nat 5/1
[SecPath-NAT5/1] nat binding interface gigabitethernet 0/2
[SecPath-NAT5/1] quit
NAT DNS mapping configuration example
Network requirements
As shown in
, a company provides Web and FTP services to external users, and uses internal
IP network segment 10.110.0.0/16. The IP addresses of the Web and FTP servers are 10.110.10.1/16 and
10.110.10.2/16 respectively. The company has three public addresses 202.38.1.1/24 through
202.38.1.3/24. The DNS server is at 202.38.1.4/24.
•
The public IP address 202.38.1.2 is used to provide services to external users.
•
External users can use the public address or domain name of internal servers to access them.
•
Internal users can access the internal servers by using their domain names.
Figure 28 Network diagram
Configuration procedure
# As shown in
, configure the IP addresses for the interfaces. (Details not shown.)
# Enter the view of interface GigabitEthernet 0/2.
<SecPath> system-view
FTP server
10.110.10.2/16
Host A
10.110.10.3/16
Internet
GE0/1
10.110.10.10/16
GE0/2
202.38.1.1/24
Web server
10.110.10.1/16
DNS server
202.38.1.4/24
Host B
202.38.1.10/24
SecPath