No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
nat static (system view)

nat static (system view)

Function

The nat static command configures one-to-one NAT between private addresses and public addresses in the system view.

The undo nat static command deletes one-to-one NAT configured between private addresses and public addresses in the system view.

By default, no one-to-one NAT is configured.

Format

nat static protocol { tcp | udp } global global-address global-port [ global-port2 ] inside host-address [ host-address2 ] [ host-port ] [ netmask mask ] [ description description ]

nat static protocol { tcp | udp } global interface loopback interface-number global-port [ global-port2 ] inside host-address [ host-address2 ] [ host-port ] [ netmask mask ] [ description description ]

nat static [ protocol { protocol-number | icmp | tcp | udp } ] global { global-address | interface loopback interface-number } inside host-address [ netmask mask ] [ description description ]

undo nat static protocol { tcp | udp } global global-address global-port [ global-port2 ] inside host-address [ host-address2 ] [ host-port ] [ netmask mask ] [ description description ]

undo nat static protocol { tcp | udp } global interface loopback interface-number global-port [ global-port2 ] inside host-address [ host-address2 ] [ host-port ] [ netmask mask ] [ description description ]

undo nat static [ protocol { protocol-number | icmp | tcp | udp } ] global { global-address | interface loopback interface-number } inside host-address [ netmask mask ] [ description description ]

Parameters

Parameter

Description

Value

protocol

Indicates a protocol.

-

protocol-number

Specifies the protocol number.

The value is an integer that ranges from 1 to 255.

global

Configures external address and port number.

-

global-address

Specifies the public IP address for NAT.

The value is in dotted decimal notation.

inside

Configures internal address and port number.

-

host-address

Specifies the private IP address for NAT.

The value is in dotted decimal notation.

host-address2

Specifies the ending IP address of the private network.

-

global-port

Specifies the external service port number. If this parameter is not specified, the value of this parameter is 0. That is, any type of service can be provided.

The value is an integer that ranges from 0 to 65535.

global-port2

Specifies the external service ending port number.

The value is an integer that ranges from 0 to 65535.

host-port

Specifies the service port number provided by the server. If this parameter is not specified, the value of this parameter is the same as the value of global-port.

The value is an integer that ranges from 0 to 65535.

icmp

Indicates that servers communicate with each other using ICMP.

-

tcp

Indicates that servers communicate with each other using TCP.

-

udp

Indicates that servers communicate with each other using UDP.

-

netmask mask

Indicates the network mask for static NAT.

The value ranges from 255.255.255.0 to 255.255.255.255.

description description

Indicates the NAT description.

The value is a string of 1 to 255 characters. The character string is case sensitive. It can contain spaces but cannot contain the question mark (?).

interface loopback interface-number

Indicates a public address as the loopback interface address.

The value is an integer that ranges from 0 to 1023.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Static NAT indicates that a private address is statically bound to a public address when NAT is performed. The public IP address in static NAT is only used for translation of the unique and fixed private IP address of a host.

Static PAT indicates that a combination of the private address of a host, TCP/UDP protocol number, and internal port number is statically bound to a combination of the public address, TCP/UDP protocol number, and external port number. The public IP address in static PAT can be used for translation of multiple private addresses.

Using static NAT or PAT, hosts on the private network and hosts on the public network can access each other.

  • If you run the undo nat static command, static mapping entries are not immediately deleted. To clear static mapping entries, run the reset nat session command.

  • When the global-port, global-port2, host-port, and host-port2 parameters are specified to configure mappings between public and private port numbers, the number of public port numbers must be the same as the number of private port numbers and the port numbers must be mapped in sequence. For example, when nat static protocol tcp global 1.1.1.1 11 20 inside 10.10.10.1 21 30 is configured, the public IP address 1.1.1.1 maps the private IP address 10.10.10.1, and public port numbers 11 to 20 map private port numbers 21 to 30 in sequence.

    When host-address2 is specified, global-port2 and host-port must also be specified. The number of private addresses must be the same as the number of public port numbers. That is, the same public address maps different private addresses, and different public port numbers map the same private port number. For example, when nat static protocol tcp global 1.1.1.1 11 12 inside 10.10.10.1 10.10.10.2 30 is configured, 1.1.1.1 and public port 11 map 10.10.10.1 and private port 30, and 1.1.1.1 and public port 12 map 10.10.10.2 and private port 30.

  • nat static protocol { tcp | udp } global interface loopback interface-number global-port [ global-port2 ] inside host-address [ host-address2 ] [ host-port ] [ netmask mask ] [ description description ]

    In the command, the first vpn-instance-name parameter specifies the VPN instance bound to the loopback interface, and the second vpn-instance-name parameter specifies a private network-side VPN instance.
  • If the ip binding vpn-instance vpn-instance-name command is run in the interface view to bind a public network-side VPN instance to the interface, the nat static command in the system view does not take effect. In this case, you need to run the nat static or nat server command in the interface view.

Example

# Translate the combination of Loopback 4 interface address and port 43 in TCP packets to private address 192.168.2.55.

<Huawei> system-view
[Huawei] interface loopback 4
[Huawei-LoopBack4] ip address 192.168.8.8 24
[Huawei-LoopBack4] quit 
[Huawei] nat static protocol tcp global interface loopback 4 43 inside 192.168.2.55 netmask 255.255.255.255
Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 210649

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next