Configuring dynamic NAT444
Dynamic NAT444 is applicable when the private IP addresses are not fixed.
To configure dynamic NAT444:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Create a NAT address group, and enter its view. | nat address-group group-id [ name group-name ] | By default, no NAT address groups exist. |
3. Add a public IP address range to the NAT address group. | address start-address end-address | By default, no public IP address ranges exist. You can add multiple public IP address ranges to an address group, but they cannot overlap. |
4. Configure the port range for the public IP addresses. | port-range start-port-number end-port-number | By default, the port range is 1 to 65535. The configuration takes effect only on PAT translation mode. |
5. Configure port block parameters. | port-block block-size block-size [ extended-block-number extended-block-number ] | By default, no port block parameters exist. The configuration takes effect only on PAT translation mode. |
6. Return to system view. | quit | N/A |
7. Enter interface view. | interface interface-type interface-number | N/A |
8. Configure PAT for outbound dynamic NAT. | nat outbound [ ipv4-acl-number | name ipv4-acl-name ] [ address-group { group-id | name group-name } ] [ vpn-instance vpn-instance-name ] [ port-preserved ] [ disable ] | By default, no outbound dynamic NAT rules exist. The port-preserved keyword does not take effect on dynamic NAT444. |
9. Return to system view. | quit | N/A |
10. (Optional.) Configure a PAT mapping mode. | nat mapping-behavior endpoint-independent [ acl { ipv4-acl-number | name ipv4-acl-name } ] | The default mapping mode is Address and Port-Dependent Mapping. |
11. (Optional.) Enable dynamic NAT444 service synchronization. | nat port-block synchronization enable | By default, dynamic NAT444 service synchronization is disabled. |