No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR Router Troubleshooting Guide

This Product Documentation provides guidance for maintaining AR Enterprise Router, covering common information collection and fault diagnostic commands, typical fault troubleshooting guide, and troubleshooting.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
How Do I Configure Batch Port Mapping?

How Do I Configure Batch Port Mapping?

When a private IP address and a range of consecutive port numbers need to be mapped to a public IP address and a range of consecutive port numbers, you can reference an ACL to complete batch port mapping configuration.

On the private network shown in Figure 29-19, ports 2000 to 4000 and port 5000 of a server need to be opened to users on the public network. The private IP address of the server is 192.168.2.2/24 and its public IP address is 11.11.11.11/24. The interconnected IP address on the carrier network is 11.11.11.10.Ports 2000-4000, port 5000 and the private IP address of the internal server need to be mapped to public IP address 11.11.11.11 and corresponding ports.

Figure 29-19  Network diagram for batch port mapping configuration

Procedure

  1. Configure IP addresses for interfaces.

    <Huawei> system view
    [Huawei] sysname Router
    [Router] vlan 100
    [Router-vlan100] quit
    [Router] interface vlanif 100
    [Router-Vlanif100] ip address 192.168.2.1 24
    [Router-Vlanif100] quit
    [Router] interface ethernet 2/0/0
    [Router-Ethernet2/0/0] port link-type access 
    [Router-Ethernet2/0/0] port default vlan 100
    [Router-Ethernet2/0/0] quit 
    [Router] interface Gigabitethernet 1/0/0
    [Router-GigabitEthernet1/0/0] ip address 11.11.11.12 24
    [Router-GigabitEthernet1/0/0] quit 
  2. Create an ACL that matches the port numbers to be mapped.

    [Router] acl number 3001
    [Router-acl-adv-3001] rule 5 permit tcp destination-port range 2000 4000
    [Router-acl-adv-3001] rule 10 permit tcp destination-port eq 5000
    [Router-acl-adv-3001] quit
    
  3. Configure NAT server and reference the ACL.

    [Router] interface gigabitethernet 1/0/0
    [Router-GigabitEthernet1/0/0] nat server global 11.11.11.11 inside 192.168.2.2 acl 3001
    [Router-GigabitEthernet1/0/0] quit 
  4. Configure a default route on the router, with 11.11.11.10 as the next-hop address.

    [Router] ip route-static 0.0.0.0 0.0.0.0 11.11.11.10
    

More information

Batch port mapping configuration using an ACL completes the mapping of consecutive port numbers at one time, without the need to run the nat server command multiple times. This significantly reduces the configuration workload. Additionally, to change the range of port numbers, you only need to change the ACL rules, simplifying configuration maintenance. One public IP address can be used for batch port mapping configuration only once and cannot be used in other nat server port mapping configurations after that. If other internal servers need to provide services for public network users, use other public IP addresses for port mapping configuration.

Translation
Download
Updated: 2019-05-10

Document ID: EDOC1000079719

Views: 451363

Downloads: 4311

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next