Source NAT Configuration
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
693
Alcatel-Lucent
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
TO ATTACH A NAT POLICY TO AN INTERFACE
Note: Each interface can have only one ingress and one egress NAT policy.
E
XAMPLE
In the example below, HTTP requests initiated from internal network will be
translated and sent to external network. Returning HTTP responses are
automatically allowed and translated even if there is a filter to block:
ALU(config)# match-list m1
ALU(config-match-list m1)# tcp any any service http
ALU(config)# exit
ALU(config)# ip filter f1
ALU(config-filter f1)# match m1 deny
ALU(config)# exit
ALU(config)# ip nat n1
ALU(config-nat n1)# match m1 source-nat
ALU(config)# exit
ALU(config)# interface GigabitEthernet 3/0
ALU(config-if GigabitEthernet3/0)# ip filter in f1
ALU(config-if GigabitEthernet3/0)# ip nat out n1
Command (in ICM) Description
ip nat {in|out} <nat policy-
name>
Enter this command in the Interface
Configuration Mode.
This command is used to attach a NAT
policy to an interface in ‘in’ or ‘out’
direction.
The keyword "in" signifies that ingress
traffic is subjected to the NAT, only if all
classifiers in this NAT object are
matched.
The keyword "out" denotes that egress
traffic is subjected to the NAT, if all
classifiers in this NAT object are
matched.
To Next Page
Loading...
Need help?
General
