Static nat configuration example – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual

102

ServerIron ADX Security Guide

53-1002440-03

Configuring NAT

4

ServerIronADX(config)# interface ethernet 1/1

ServerIronADX(config-if-e1000-1/5) ip address 30.30.0.1 255.255.0.0

ServerIronADX(config-if-e1000-1/5) ip nat outside

The following command creates a pool of IP NAT addresses from 15.15.15.15 to 15.15.15.25
named p1.

ServerIronADX(config)# ip nat pool p1 15.15.15.15 15.15.15.25 prefix-len 24

An ACL is created to permit traffic from inside hosts in the 20.20.0.0 network as shown.

ServerIronADX(config)# access-list 1 permit 20.20.0.0 0.0.255.255

The following command ties the inside source list defined in ACL “1” to the pool named “p1” and
enables PAT to send traffic out the interface defined as “outside”.

ServerIronADX(config)# ip nat inside source list 1 pool p1

Static NAT configuration example

The following examples describe how to configure a Static NAT configuration for Inside to Outside
and Outside to Inside translation for the example shown in

Figure 8

.

FIGURE 8

Example of a static NAT configuration using router code

Configured for inside to outside translation
In the following example, the ServerIron ADX is configured to translate the local host IP address
20.20.5.6 to the unique global address 15.15.15.15.

This example requires that Interfaces 1/5 and 1/1 be configured as Inside and Outside interfaces
respectively as shown.

ServerIronADX(config)# interface ethernet 1/5

ServerIronADX(config-if-e1000-1/5) ip address 20.20.50.1 255.255.0.0

ServerIronADX(config-if-e1000-1/5) ip nat inside

Remote Server

Internet

Inside Interface

Outside Interface

1/1

1/5

Global IP address: 15.15.15.15

Local IP address: 20.20.5.6

SI