Configuring object group-based inbound static NAT

Configure object group-based inbound static NAT to translate public IP addresses into private IP addresses.

An IPv4 address object group used by an object group-based inbound static NAT mapping can only contain a host object or a subnet object. Otherwise, the configuration does not take effect.

To configure object group-based inbound static NAT:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Configure an object group-based inbound static NAT mapping.

nat static inbound object-group global-object-group-name [ vpn-instance global-vpn-instance-name ] object-group local-object-group-name [ vpn-instance local-vpn-instance-name ] [ acl { ipv4-acl-number | name ipv4-acl-name } [ reversible ] ] [ disable ]

By default, no mappings exist.

If you specify the acl keyword, NAT processes only packets permitted by the ACL.

3. Return to system view.

quit

N/A

4. Enter interface view.

interface interface-type interface-number

N/A

5. Enable static NAT on the interface.

nat static enable

By default, static NAT is disabled.