432 ExtremeWare Software 7.3.0 Command Reference Guide
NAT Commands
configure nat vlan
configure nat vlan <vlan name> [inside | outside | none]
Description
Configures a VLAN to participate in NAT.
Syntax Description
Default
N/A.
Usage Guidelines
When a VLAN is configured to be
inside
, traffic from that VLAN is translated only if it has a matching
NAT rule. Any unmatched traffic will be routed normally and not be translated. When a VLAN is
configured to be
outside
, it routes all traffic.
Because all traffic runs through the central processing unit (CPU), it cannot run at line-rate.
Normally, outside traffic will be able to initiate connections to the internal private IP addresses. If you
want to prevent this, you can create IP and ICMP access-lists on the outside VLAN ports to deny traffic
destined for the inside IP addresses. There is a NAT performance penalty when you do this.
When a VLAN is configured to be
none
, all NAT functions are disabled and the VLAN operates
normally.
Example
The following command configures the VLAN out_vlan_1 as an outside VLAN for use with NAT:
configure nat vlan out_vlan_1 outside
History
This command was first available in ExtremeWare 6.2.
Platform Availability
This command is available on all platforms.
vlan name Specifies a VLAN name.
inside Specifies that the VLAN is an inside VLAN.
outside Specifies that the VLAN is an outside VLAN.
none Disables NAT functions on this VLAN.
To Next Page
Loading...