144
Step Command Remarks
interface-number
5. Enable static NAT on the
interface.
nat static enable
By default, static NAT is disabled.
Configuring inbound one-to-one static NAT
For address translation from a public IP address to a private IP address, configure inbound
one-to-one static NAT.
• When the source IP address of a packet from the public network to the private network matches
the global-ip, the source IP address is translated into the local-ip.
• When the destination IP address of a packet from the private network to the public network
matches the local-ip, the destination IP address is translated into the global-ip.
To configure inbound one-to-one static NAT:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Configure a one-to-one
mapping for inbound static
NAT.
nat static inbound
global-ip
[
vpn-instance
global-vpn-instance-name ]
local-ip [
vpn-instance
local-vpn-instance-name ] [
acl
{ ipv4-acl-number |
name
ipv4-acl-name } [
reversible
] ]
[
disable
]
By default, no mappings exist.
If you specify the
acl
keyword,
NAT processes only packets
permitted by the ACL.
3. Return to system view.
quit
N/A
4. Enter interface view.
interface
interface-type
interface-number
N/A
5. Enable static NAT on the
interface.
nat static enable
By default, static NAT is disabled.
Configuring inbound net-to-net static NAT
For address translation from a public network to a private network, configure inbound net-to-net
static NAT.
• When the source IP address of a packet from the public network matches the public address
range, the source IP address is translated into a private address in the private address range.
• When the destination IP address of a packet from the private network matches the private
address range, the destination IP address is translated into a public address in the public
address range.
To configure inbound net-to-net static NAT:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Configure a net-to-net
mapping for inbound static
NAT.
nat static inbound net-to-net
global-start-address
global-end-address
[
vpn-instance
By default, no mappings exist.
If you specify the
acl
keyword,
NAT processes only packets
To Next Page
Loading...
Need help?
General
