ESR series service routers.ESR-Series. User manual
Solution:
Begin configuration with network interface configuration and disabling the firewall:
esr(config)# interface gigabitethernet 1/0/1
esr(config-if-gi)# ip address 21.12.2.1/24
esr(config-if-gi)# ip firewall disable
esr(config-if-gi)# exit
esr(config)# interface tengigabitethernet 1/0/1
esr(config-if-te)# ip address 200.10.0.1/24
esr(config-if-te)# ip firewall disable
esr(config-if-te)# exit
For Static NAT configuration, create 'LOCAL_NET' LAN address profile, that includes local subnet, and
'PUBLIC_POOL' public network address profile.
esr(config)# object-group network LOCAL_NET
esr(config-object-group-network)# ip prefix 21.12.2.0/24
esr(config-object-group-network)# exit
esr(config)# object-group network PUBLIC_POOL
esr(config-object-group-network)# ip prefix 200.10.0.0/24
esr(config-object-group-network)# exit
The range of public network addresses for Static NAT use is specified in 'PROXY' profile:
esr(config)# object-group network PROXY
esr(config-object-group-network)# ip address-range 200.10.0.100-200.10.0.150
esr(config-object-group-network)# exit
Configure Static NAT service in SNAT configuration mode. In the set attributes, specify that the rules are
applying only to packets transferred to public network through te1/0/1 port. The rules include data source
address test for belonging to 'LOCAL_NET' pool and destination addresses test for belonging to
'PUBLIC_POOL' pool.
esr(config)# nat source
esr(config-snat)# ruleset SNAT
esr(config-snat-ruleset)# to interface te1/0/1
esr(config-snat-ruleset)# rule 1
esr(config-snat-rule)# match source-address LOCAL_NET
esr(config-snat-rule)# action source-nat netmap 200.10.0.0/24 static
esr(config-snat-rule)# enable
esr(config-snat-rule)# exit
esr(config-snat-ruleset)# exit
To Next Page
Loading...
Need help?
General
