ESR series service routers. ESR-Series. User manual
16.2 Destination NAT configuration
The Destination NAT (DNAT) function translates the destination IP address of packets passing through
the network gateway.
DNAT is used to redirect traffic that arrives at a specific 'virtual' address in a public network to a 'real'
server in the LAN behind the network gateway. This function may be used to provide public access
to servers located within the private network that have no public network address.
16.2.1 Configuration algorithm
Step 1. Switch to the configuration mode of the destination address translation service.
  Command: esr(config)# nat destination

Step 2. Create a pool of IP addresses and/or TCP/UDP ports with a specific name (optional).
  Command: esr(config-dnat)# pool <NAME>
  Keys: <NAME> – NAT address pool name, set by a string of up to 31 characters.

Step 3. Set the internal IP address which will replace a destination IP address.
  Command: esr(config-dnat-pool)# ip address <ADDR>
  Keys: <ADDR> – IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].

Step 4. Set the internal TCP/UDP port which will replace a destination TCP/UDP port.
  Command: esr(config-dnat-pool)# ip port <PORT>
  Keys: <PORT> – TCP/UDP port, takes values of [1..65535].

Step 5. Create a rule group with a specific name.
  Command: esr(config-dnat)# ruleset <NAME>
  Keys: <NAME> – rule group name, set by a string of up to 31 characters.

Step 6. Specify the VRF instance in which the given rule group will operate (optional).
  Command: esr(config-dnat-ruleset)# ip vrf forwarding <VRF>
  Keys: <VRF> – VRF name, set by a string of up to 31 characters.

Step 7. Set the rule group scope. The rules will be applied only to traffic coming from a certain zone or interface.
  Command: esr(config-dnat-ruleset)# from { zone <NAME> | interface <IF> | tunnel <TUN> | default }
  Keys: <NAME> – isolation zone name;
        <IF> – device interface name;
        <TUN> – device tunnel name;
        default – denotes a group of rules for all traffic whose source did not fall under the criteria of other rule groups.

Step 8. Specify a rule with a certain number. The rules are processed in ascending order.
  Command: esr(config-dnat-ruleset)# rule <ORDER>
  Keys: <ORDER> – rule number, takes values of [1..10000].
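
An added example, not part of the manual: a Python check that reads a pasted CLI session and verifies that each command from steps 2-8 is typed at the prompt shown in the table and that its argument is within the range given in the Keys column. The function names, the session text and the names and addresses in it are constructed for illustration.

```python
import re

def _octets(addr):  # AAA.BBB.CCC.DDD, each part in [0..255]
    parts = addr.split(".")
    return len(parts) == 4 and all(p.isdecimal() and int(p) <= 255 for p in parts)

def _between(low, high):
    return lambda v: v.isdecimal() and low <= int(v) <= high

def _name(value):  # names are strings of up to 31 characters
    return len(value) <= 31
_scope = re.compile(r"(zone|interface|tunnel) \S.*|default").fullmatch

# (prompt mode shown in the table, command pattern, argument check, failure message)
RULES = [
    ("config-dnat", r"pool (\S+)", _name, "pool name exceeds 31 characters"),
    ("config-dnat-pool", r"ip address (\S+)", _octets, "not a valid AAA.BBB.CCC.DDD address"),
    ("config-dnat-pool", r"ip port (\S+)", _between(1, 65535), "port outside [1..65535]"),
    ("config-dnat", r"ruleset (\S+)", _name, "ruleset name exceeds 31 characters"),
    ("config-dnat-ruleset", r"ip vrf forwarding (\S+)", _name, "VRF name exceeds 31 characters"),
    ("config-dnat-ruleset", r"from (.+)", _scope, "scope must be zone, interface, tunnel or default"),
    ("config-dnat-ruleset", r"rule (\S+)", _between(1, 10000), "rule number outside [1..10000]"),
]
PROMPT = re.compile(r"esr\(([\w-]+)\)#\s+(.+)")

def check_session(text):
    """Return (line number, problem) pairs for DNAT commands in a CLI session."""
    problems = []
    for number, raw in enumerate(text.splitlines(), 1):
        found = PROMPT.match(raw.strip())
        mode, command = found.groups() if found else ("", "")
        for want, pattern, check, message in RULES:
            hit = re.fullmatch(pattern, command)
            if hit and mode != want:
                problems.append((number, f"'{command}' typed in ({mode}), expected ({want})"))
            elif hit and not check(hit.group(1)):
                problems.append((number, f"{message}: {hit.group(1)}"))
            if hit:
                break
    return problems

# Constructed session with three deliberate mistakes (lines 2, 4 and 5).
SAMPLE = """\
esr(config-dnat)# pool WEB_SRV
esr(config-dnat-pool)# ip address 10.1.1.300
esr(config-dnat)# ruleset DNAT_WAN
esr(config-dnat-ruleset)# ip port 70000
esr(config-dnat-ruleset)# rule 0
"""
```

Commands other than those in steps 2-8 are ignored, so a longer session can be passed to `check_session` unchanged.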