Configuring ACL-based NAT Server

ACL-based NAT Server is an extension of common NAT Server. Common NAT Server maps the private IP address of the internal server to a single public IP address. ACL-based NAT Server maps the private IP address of the internal server to a set of public IP addresses defined by an ACL. If the destination address of a packet matches a permit rule, the destination address is translated into the private IP address of the internal server.

To configure ACL-based NAT Server on M9006, M9010, or M9014, the ACL rules cannot use object groups as match criteria.

To configure ACL-based NAT Server:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter interface view.	interface interface-type interface-number	N/A
3. Configure ACL-based NAT Server.	nat server global { ipv4-acl-number \| name ipv4-acl-name } inside local-address [ local-port ] [ vpn-instance local-vpn-instance-name ] [ disable ]	By default, no ACL-based NAT Server mappings exist. You can configure multiple NAT Server mappings on an interface.

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter interface view.

interface interface-type interface-number

N/A

3. Configure ACL-based NAT Server.

nat server global { ipv4-acl-number | name ipv4-acl-name } inside local-address [ local-port ] [ vpn-instance local-vpn-instance-name ] [ disable ]

By default, no ACL-based NAT Server mappings exist.

You can configure multiple NAT Server mappings on an interface.

prev	up	next
Configuring load sharing NAT Server	home	Configuring NAT444