[x]

NAT configuration examples > Static NAT444 configuration example

 

 Next

Static NAT444 configuration example

Network requirements

As shown in Figure 67, configure static NAT444 to allow users at private IP addresses 10.110.10.1 to 10.110.10.10 to use public IP address 202.38.1.100 for accessing the Internet. Configure the port range as 10001 to 15000, and set the port block size to 500.

Figure 67: Network diagram

Configuration procedure

# Specify IP addresses for the interfaces on the router. (Details not shown.)

# Create NAT port block group 1.

<Router> system-view
[Router] nat port-block-group 1

# Add the private IP addresses from 10.110.10.1 to 10.110.10.10 to the port block group.

[Router-port-block-group-1] local-ip-address 10.110.10.1 10.110.10.10

# Add the public IP address 202.38.1.100 to the port block group.

[Router-port-block-group-1] global-ip-pool 202.38.1.100 202.38.1.100

# Set the port block size to 500.

[Router-port-block-group-1] block-size 500

# Configure the port range as 10001 to 15000.

[Router-port-block-group-1] port-range 10001 15000
[Router-port-block-group-1] quit

# Apply the port block group 1 to the outbound direction of GigabitEthernet 1/0/2.

[Router] interface gigabitethernet 1/0/2
[Router-GigabitEthernet1/0/2] nat outbound port-block-group 1
[Router-GigabitEthernet1/0/2] quit

Verifying the configuration

# Verify that users at the private IP addresses can access the Internet. (Details not shown.)

# Display all NAT configuration and statistics.

[Router] display nat all
NAT logging:
  Log enable          : Disabled
  Flow-begin          : Disabled
  Flow-end            : Disabled
  Flow-active         : Disabled
  Port-block-assign   : Disabled
  Port-block-withdraw : Disabled
  Alarm               : Disabled

NAT mapping behavior:
  Mapping mode : Address and Port-Dependent
  ACL          : ---
  Config status: Active

NAT ALG:
  DNS        : Enabled
  FTP        : Enabled
  H323       : Enabled
  ICMP-ERROR : Enabled
  ILS        : Enabled
  MGCP       : Enabled
  NBT        : Enabled
  PPTP       : Enabled
  RSH        : Enabled
  RTSP       : Enabled
  SCCP       : Enabled
  SIP        : Enabled
  SQLNET     : Enabled
  TFTP       : Enabled
  XDMCP      : Enabled

NAT port block group information:
  Totally 1 NAT port block groups.
  Port block group 1:
    Port range: 10001-15000
    Block size: 500
    Local IP address information:
      Start address        End address          VPN instance
      10.110.10.1          10.110.10.10         ---
    Global IP pool information:
      Start address        End address
      202.38.1.100         202.38.1.100

NAT outbound port block group information:
  Totally 1 outbound port block group items.
  Interface: GigabitEthernet1/0/2
    Port block group: 1
    Config status   : Active

# Display static NAT444 mappings.

[Router] display nat port-block static
Static port-block mapping tables:
Local VPN     Local IP         Global IP        Port block     Connections
---           10.110.10.1      202.38.1.100     10001-10500    2
---           10.110.10.2      202.38.1.100     10501-11000    0
---           10.110.10.3      202.38.1.100     11001-11500    0
---           10.110.10.4      202.38.1.100     11501-12000    0
---           10.110.10.5      202.38.1.100     12001-12500    1
---           10.110.10.6      202.38.1.100     12501-13000    0
---           10.110.10.7      202.38.1.100     13001-13500    0
---           10.110.10.8      202.38.1.100     13501-14000    0
---           10.110.10.9      202.38.1.100     14001-14500    0
---           10.110.10.10     202.38.1.100     14501-15000    0

prev

 

up

 next

NAT with DNS mapping configuration example 

home

 Dynamic NAT444 configuration example

© Copyright 2017 Hewlett Packard Enterprise Development LP