Bidirectional NAT
NAT translates the source and destination IP addresses of incoming packets on the receiving
interface and outgoing packets on the sending interface.
Bidirectional NAT is applied when source and destination addresses overlap.
Twice NAT
Twice NAT translates the destination IP address on the receiving interface, and the source IP
address on the sending interface. The receiving and sending interfaces are both NAT interfaces.
Twice NAT allows VPNs with overlapping addresses to access each other.
NAT hairpin
NAT hairpin allows internal hosts to access each other through NAT. The source and destination IP
address of the packets are translated on the interface connected to the internal network.
NAT hairpin includes P2P and C/S modes:
• P2P—Allows internal hosts to access each other through NAT.
• C/S—Allows internal hosts to access internal servers through NAT.
NAT control
You can use ACLs to implement NAT control. The match criteria in the ACLs include the source IP
address, source port number, destination IP address, destination port number, transport layer
protocol, and VPN instance. Only packets permitted by an ACL are processed by NAT.
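The following Python model is an added illustration of NAT control, not code or configuration from this guide. It evaluates the six match criteria listed above and translates the source address only for packets that the ACL permits. First-match rule ordering, "no match means no NAT", exact matching of the VPN instance, and all sample addresses are assumptions made for the example.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str                    # "tcp" or "udp"
    vpn: Optional[str] = None     # VPN instance; None = public network

@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    sport: Optional[int] = None   # None = any port
    dport: Optional[int] = None
    proto: Optional[str] = None   # None = any protocol
    vpn: Optional[str] = None     # assumption: must equal the packet's VPN instance

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.sport in (None, p.sport)
                and self.dport in (None, p.dport)
                and self.proto in (None, p.proto)
                and self.vpn == p.vpn)

def nat_permitted(acl, p):
    # Assumption: first matching rule decides; no match means no NAT.
    for rule in acl:
        if rule.matches(p):
            return rule.action == "permit"
    return False

def source_nat(acl, p, public_ip):
    # Only ACL-permitted packets are translated; others are returned untranslated.
    return replace(p, src=public_ip) if nat_permitted(acl, p) else p

# Constructed sample ACL and address (documentation ranges, not from the guide).
ACL = [Rule("deny", src="10.110.10.8/32"),
       Rule("permit", src="10.110.10.0/24", dport=443, proto="tcp")]
PUBLIC_IP = "198.51.100.1"
```

When reviewing a NAT control ACL, check each criterion separately: in this model a packet that differs only in protocol, port, or VPN instance is left untranslated, so its private source address stays visible on the sending side.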
Command and hardware compatibility
Commands and descriptions for centralized devices apply to the following routers:
• MSR1002-4/1003-8S.
• MSR2003.
• MSR2004-24/2004-48.
• MSR3012/3024/3044/3064.
• MSR954 (JH296A/JH297A/JH298A/JH299A).
Commands and descriptions for distributed devices apply to MSR4060 and MSR4080 routers.
NAT implementations
Static NAT
Static NAT creates a fixed mapping between a private address and a public address. Static NAT
allows bidirectional connection initiation, both from and to the internal host. Static NAT applies to
regular communications.
Dynamic NAT
Dynamic NAT uses an address pool to translate addresses. Dynamic NAT includes Not Port Address
Translation (NO-PAT) and Port Address Translation (PAT) modes.