120
Configuring inbound one-to-one static NAT
Configure inbound one-to-one static NAT for address translation between a private IP address and a
public IP address.
•
When the source IP address of a packet from the public network to the private network matches the
global-ip
, the IP address is translated to the
local-ip
.
•
When the destination IP address of a packet from the private matches the
local-ip
, the source IP
address is translated to the
global-ip
.
To configure inbound one-to-one static NAT:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Configure a one-to-one
mapping for inbound static
NAT.
nat static inbound
global-ip
[
vpn-instance
global-name
]
local-ip
[
vpn-instance
local-name
]
[
acl
acl-number
[
reversible
] ]
By default, no mappings exist.
If you specify the
acl
keyword, Nat
processes only packets matching
the permit statement in the ACL.
3.
Return to system view.
quit
N/A
4.
Enter interface view.
interface
interface-type
interface-number
N/A
5.
Enable static NAT on the
interface.
nat static enable
By default, static NAT is disabled.
Configuring inbound net-to-net static NAT
Configure inbound net-to-net static NAT for translation between a private network and a public network.
•
When the source IP address of a packet from the public network matches the external NAT address
pool, the source IP address is translated into a private address in the internal NAT address pool.
•
When the destination IP address of a packet from the private network matches the internal NAT
address pool, the destination IP address is translated into a public address in the external NAT
address pool.
To configure inbound net-to-net static NAT:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Configure a net-to-net
mapping for inbound static
NAT.
nat static inbound net-to-net
global-start-address
global-end-address
[
vpn-instance
global -name
]
local
local-network
{
mask-length
|
mask
}
[
vpn-instance
local-name
] [
acl
acl-number
[
reversible
] ]
By default, no mappings exist.
If you specify the
acl
keyword,
NAT processes only packets
matching the permit statement in
the ACL.
3.
Return to system view.
quit
N/A
4.
Enter interface view.
interface
interface-type
interface-number
N/A
Summary of Contents for MSR 2600 Series
Page 6: ...We appreciate your comments...
Page 33: ...18 AC vlan1 quit...
Page 118: ...103...