Configuring ACL-based NAT Server
ACL-based NAT Server is an extension of common NAT Server. Common NAT Server maps the private IP address of the internal server to a single public IP address. ACL-based NAT Server maps the private IP address of the internal server to a set of public IP addresses defined by an ACL. If the destination address of a packet matches a permit rule, the destination address is translated into the private IP address of the internal server.
To configure ACL-based NAT Server on M9006, M9010, or M9014, the ACL rules cannot use object groups as match criteria.
To configure ACL-based NAT Server:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Enter interface view. | interface interface-type interface-number | N/A |
3. Configure ACL-based NAT Server. | nat server global { ipv4-acl-number | name ipv4-acl-name } inside local-address [ local-port ] [ vpn-instance local-vpn-instance-name ] [ disable ] | By default, no ACL-based NAT Server mappings exist. You can configure multiple NAT Server mappings on an interface. |