EasyManua.ls Logo

HPE FlexNetwork MSR Series - Configuring Static NAT; Configuration Prerequisites; Configuring Outbound One-To-One Static NAT; Configuring Outbound Net-To-Net Static NAT

HPE FlexNetwork MSR Series
554 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
142
Configuring static NAT
Static NAT includes one-to-one static NAT and net-to-net static NAT for outbound and inbound
translation. Do not configure inbound static NAT alone. Typically, inbound static NAT functions with
outbound dynamic NAT, NAT Server, or outbound static NAT to implement bidirectional NAT.
Configuration prerequisites
Perform the following tasks before configuring static NAT:
Configure an ACL to identify the IP addresses to be translated. The match criteria include the
source IP address, source port number, destination IP address, destination port number,
transport layer protocol, and VPN instance. For more information about ACLs, see ACL and
QoS Configuration Guide.
Manually add a route for inbound static NAT. Use local-ip or local-network as the destination
address, and use global-ip, an address in global-network, or the next hop directly connected to
the output interface as the next hop.
Configuring outbound one-to-one static NAT
For address translation from a private IP address to a public IP address, configure outbound
one-to-one static NAT on the interface connected to the external network.
When the source IP address of a packet from the private network matches the local-ip, the
source IP address is translated into the global-ip.
When the destination IP address of a packet from the public network matches the global-ip, the
destination IP address is translated into the local-ip.
To configure outbound one-to-one static NAT:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Configure a one-to-one
mapping for outbound static
NAT.
nat static outbound
local-ip
[
vpn-instance
local-vpn-instance-name ]
global-ip [
vpn-instance
global-vpn-instance-name ] [
acl
{ ipv4-acl-number |
name
ipv4-acl-name } [
reversible
] ]
[
disable
]
By default, no mappings exist.
If you specify the
acl
keyword,
NAT processes only packets
matching the permit rule in the
ACL.
3. Return to system view.
quit
N/A
4. Enter interface view.
interface
interface-type
interface-number
N/A
5. Enable static NAT on the
interface.
nat static enable
By default, static NAT is disabled.
Configuring outbound net-to-net static NAT
For address translation from a private network to a public network, configure outbound net-to-net
static NAT on the interface connected to the external network.
When the source IP address of a packet from the private network matches the private address
range, the source IP address is translated into a public address in the public address range.

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Configuration Guide
Configuration Guide861 pages
Preview: Comware 5 Layer 2 - Wan Access Configuration Guide
Comware 5 Layer 2 - Wan Access Configuration Guide420 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Security Configuration Guide
Comware 5 Security Configuration Guide547 pages

Related product manuals