145
Step Command Remarks
global-vpn-instance-name ]
local
local-network { mask-length |
mask } [
vpn-instance
local-vpn-instance-name
] [
acl
{ ipv4-acl-number |
name
ipv4-acl-name } [
reversible
] ]
[
disable
]
permitted by the ACL.
3. Return to system view.
quit
N/A
4. Enter interface view.
interface
interface-type
interface-number
N/A
5. Enable static NAT on the
interface.
nat static enable
By default, static NAT is disabled.
Configuring object group-based inbound static NAT
Configure object group-based inbound static NAT to translate public IP addresses into private IP
addresses.
• When the source address of a packet from the public network matches the public address
object group, the source address is translated into a private address in the private address
object group.
• When the destination address of a packet from the private network matches the private address
object group, the destination address is translated into a public address in the public address
object group.
To configure object group-based inbound static NAT:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Configure an object
group-based inbound static
NAT mapping.
nat static inbound object-group
global-object-group-name
[
vpn-instance
global-vpn-instance-name
]
object-group
local-object-group-name
[
vpn-instance
local-vpn-instance-name
] [
acl
{ ipv4-acl-number |
name
ipv4-acl-name } [
reversible
] ]
[
disable
]
By default, no mappings exist.
If you specify the
acl
keyword,
NAT processes only packets
permitted by the ACL.
3. Return to system view.
quit
N/A
4. Enter interface view.
interface
interface-type
interface-number
N/A
5. Enable static NAT on the
interface.
nat static enable
By default, static NAT is disabled.
Configuring dynamic NAT
Dynamic NAT translates a group of private IP addresses into a smaller number of public addresses.
You can specify an address group (or the IP address of an interface) and an ACL to implement
dynamic NAT.
To Next Page
Loading...
Need help?
General
