Configuring a nat in the cli, Nat configuration task list, Configuring address translation – H3C Technologies H3C SecBlade FW Cards User Manual

Page 24: Introduction to address translation

Advertising
background image

17

Select 6(TCP) for Protocol Type.

Click the radio button next to Assign IP Address, and then type 202.38.1.1 for Global IP.

Select the upper radio button next to Global Port and type 8080.

Type 10.110.10.2 in Internal IP.

Type 80 in Internal Port.

Click Apply.

Configuring a NAT in the CLI

NAT configuration task list

Complete the following tasks to configure NAT:

Task Remarks

Configuring address translation

Configuring static NAT

Either is required

Configuring dynamic NAT

Configuring an internal server

Required

Configuring DNS mapping

Optional

Setting NAT connection limits

Optional

NOTE:

If the NAT configuration (address translation or internal server configuration) on an interface is changed,
save the configuration and reboot the device, to avoid problems. The following problems may occur: After

you delete the NAT-related configuration, address translation can still work for sessions already created;
if you configure NAT when NAT is running, the same configuration may have different results because of

different configuration orders.

Configuring address translation

Introduction to address translation

A NAT device can be configured with or dynamically generate mappings to translate between internal
and external network addresses. Address translation can be classified into static and dynamic NAT.

Static NAT

Mappings between external and internal network addresses are manually configured. Static NAT can

meet fixed access requirements of a few users.

Dynamic NAT

A dynamic NAT entry is generated dynamically. Dynamic NAT is implemented by associating an ACL

with an address pool (or the address of an interface in the case of Easy IP). This association defines what
packets can use the addresses in the address pool (or the interface’s address) to access the external

network. Dynamic NAT is applicable to the network environment where a large number of internal users

need to access external networks. An IP address is selected from the associated address pool to translate

an outgoing packet. After the session terminates, the selected IP address is released.
Both static NAT and dynamic NAT support NAT multiple-instance as long as the VPN instance of an IP

address is provided.

Advertising
This manual is related to the following products:

H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS

Popular Brands
Popular manuals