127
The session management module maintains the updating and aging of NAT session entries. For
information about session management, see Security Configuration Guide.
EIM entry
An EIM entry maps a private address/port to a public address/port. The same EIM entry applies to
subsequent connections originating from the same source IP and port.
An EIM entry ages out after all related NAT session entries age out.
NO-PAT entry
A NO-PAT entry maps a private address to a public address. The same mapping applies to
subsequent connections originating from the same source IP.
A NO-PAT entry can also be created during the ALG process for NAT. For information about NAT with
ALG, see "NAT with ALG."
A
NO-PAT entry ages out after all related NAT session entries age out.
Using NAT with other features
VRF-aware NAT
The following matrix shows the feature and hardware compatibility:
Hardware VRF-aware NAT compatibility
MSR954(JH296A/JH297A/JH298A/JH299A) No
MSR1002-4/1003-8S Yes
MSR2003 Yes
MSR2004-24/2004-48 Yes
MSR3012/3024/3044/3064 Yes
MSR4060/4080 Yes
VRF-aware NAT allows users from different VRF (VPN instances) to access external networks and
to access each other.
1. Upon receiving a request from a user in a VRF to an external network, NAT performs the
following tasks:
{ Translates the private source IP address and port number to a public IP address and port
number.
{ Records the VRF information, such as the VRF name.
2. When a response packet arrives, NAT performs the following tasks:
{ Translates the destination public IP address and port number to the private IP address and
port number.
{ Forwards the packet to the target VRF.
To Next Page
Loading...
Need help?
General
