ESR series service routers.ESR-Series. User manual
Step Description Command Keys
15 Specify the action 'translation of
source address and port' for the
traffic meeting the requirements of
'match' command.
esr(config-snat-rule)# action
source-nat { off |
pool <NAME> | netmap
<ADDR/LEN> [static] |
interface [FIRST_PORT –
LAST_PORT] }
off – translation is disabled;
pool<NAME> – name of the pool
that contains IP addresses and/or
TCP/UDP ports set;
netmap <ADDR/LEN> – subnet IP
address and mask used during
translation; static – option for static
NAT organization.
The parameter is defined as
AAA.BBB.CCC.DDD/EE where each
part AAA-DDD takes values of
[0..255] and EE takes values of
[1..32].
interface [FIRST_PORT –
LAST_PORT] – specify the
translation to the interface IP
address. If the range of TCP/UDP
ports is additionally specified, the
translation will occur only for the
sender TCP/UDP ports included in
the specified range.
16 Activate a configured rule. esr(config-snat-rule)# enable
17 Enable application layer session
tracking for FTP, SIP, H323, netbios-
ns, PPTP protocols (optional).
esr(config)# ip firewall
sessions tracking
{<PROTOCOL> | sip [ port
<OBJECT-GROUP-SERVICE> ] |
all}
all – enables application layer
session tracking for all available
protocols;
<PROTOCOL> –application layer
protocol whose sessions need to be
monitored, takes values of [ftp, h323,
pptp, netbios-ns];
<OBJECT-GROUP-SERVICE> –
profile name of the TCP/UDP ports
of the sip session, specified as a
string of up to 31 characters. If the
group is not specified, then sip
sessions will be monitored for port
5060.
18 Enable IP address translation in
application level headers (optional).
esr(config)# nat alg
{<PROTOCOL> | all}
all – enables IP address translation
in headers of all available protocols;
<PROTOCOL> –application layer
protocol whose sessions need to be
monitored, takes values of [ftp, h323,
pptp, netbios-ns].
To Next Page
Loading...