No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
nat static (interface view)

nat static (interface view)

Function

The nat static command configures the static mapping between a private IP address and a public IP address.

The undo nat static command deletes the static mapping between a private IP address and a public IP address.

By default, the static mapping between a private IP address and a public IP address is not configured.

Format

nat static protocol { tcp | udp } global { global-address | current-interface | interface interface-type interface-number } global-port [ global-port2 ] inside host-address [ host-address2 ] [ host-port ] [ netmask mask ] [ acl acl-number ] [ description description ]

nat static [ protocol { protocol-number | icmp | tcp | udp } ] global { global-address | current-interface | interface interface-type interface-number } inside host-address [ netmask mask ] [ acl acl-number ] [ description description ]

undo nat static protocol { tcp | udp } global { global-address | current-interface | interface interface-type interface-number } global-port [ global-port2 ] inside host-address [ host-address2 ] [ host-port ] [ netmask mask ]

undo nat static [ protocol { protocol-number | icmp | tcp | udp } ] global { global-address | current-interface | interface interface-type interface-number } inside host-address [ netmask mask ]

Parameters

Parameter

Parameters

Value

protocol

Indicates the protocol.

-

protocol-number

Specifies a protocol number.

The value is an integer that ranges from 1 to 255.

icmp

Indicates address translation for ICMP packets.

-

tcp

Indicates address translation for TCP packets.

-

udp

Indicates address translation for UDP packets.

-

global

Configures public network information.

-

global-address

Specifies a public IP address.

The value is in dotted decimal notation.

global-port

Specifies the external service port number.

If this parameter is not specified, the value of global-port is 0. That is, any type of service can be provided.

The value is an integer that ranges from 0 to 65535.

global-port2

Specifies a public end port number.

If this parameter is specified, a range of consecutive port numbers are translated. If this parameter is not specified, only the port number global-port is translated.

The value is an integer that ranges from 0 to 65535.

inside

Configures private network information.

-

host-address

Specifies a private IP address.

The value is in dotted decimal notation.

host-address2

Specifies a private end IP address.

If this parameter is specified, a range of consecutive IP addresses are translated. If this parameter is not specified, only the private IP address host-address is translated.

The value is in dotted decimal notation.

host-port

Specifies a service port number provided by private network devices.

If this parameter is not specified, the value of host-port is the same as the value of global-port.

The value is an integer that ranges from 0 to 65535.

netmask mask

Specifies the network mask for static NAT.

The value ranges from 255.255.255.0 to 255.255.255.255.

acl acl-number

Specifies the number of an ACL.

You can use an ACL to control NAT implementation, ensuring that NAT is performed only for data packets that meet rules in the ACL.

The value is an integer that ranges from 2000 to 3999.

description description

Specifies the NAT description.

The value is a string of 1 to 255 case-sensitive characters without question marks (?). It can contain spaces.

current-interface

Specifies a public IP address as the IP address of the current interface.

-

interface interface-type interface-number

Specifies a public IP address as the IP address of an interface.
  • interface-type specifies the interface type.
  • interface-number specifies the interface number.

-

Views

VLANIF interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

If devices on a private network allow access from devices on a public network through a fixed IP address, for example, a private server provides services to public network devices, the public network devices can access the server through a fixed public IP address. You can configure static NAT to translate the private IP address of the private server into the specified public IP address.

Static NAT also supports IP address translation between network segments, that is, private IP addresses within a specified range and public IP addresses within a specified range can be translated into each other.

Precautions

After the undo nat static command is run on the device, static mapping entries on the device will not be cleared immediately. To clear static mapping entries immediately, run the reset nat session command.

When the global-port, global-port2, host-port, and host-port2 parameters are specified to configure mappings between public and private port numbers, the number of public port numbers must be the same as the number of private port numbers and the port numbers must be mapped in sequence. For example, when nat static protocol tcp global 1.1.1.1 11 20 inside 10.10.10.1 21 30 is configured, the public IP address 1.1.1.1 maps the private IP address 10.10.10.1, and public port numbers 11 to 20 map private port numbers 21 to 30 in sequence.

When host-address2 is specified, global-port2 and host-port must also be specified. The number of private addresses must be the same as the number of public port numbers. That is, the same public address maps different private addresses, and different public port numbers map the same private port number. For example, when nat static protocol tcp global 1.1.1.1 11 12 inside 10.10.10.1 10.10.10.2 30 is configured, 1.1.1.1 and public port 11 map 10.10.10.1 and private port 30, and 1.1.1.1 and public port 12 map 10.10.10.2 and private port 30.

Example

# Translate the combination of the public IP address 1.1.1.1 and port 200 in TCP packets to the combination of the private IP address 10.10.10.1 and port 300.

<Huawei> system-view
[Huawei] interface vlanif 100
[Huawei-Vlanif100] nat static protocol tcp global 1.1.1.1 200 inside 10.10.10.1 300
Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 208176

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next