No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
nat server

nat server

Function

The nat server command defines a mapping table of internal servers so that external users can access internal servers through address and port translation.

The undo nat server command cancels the mapping table.

By default, no mapping table is configured.

Format

nat server protocol { tcp | udp } global { global-address | current-interface | interface interface-type interface-number } global-port [ global-port2 ] inside host-address [ host-address2 ] [ host-port ] [ acl acl-number ] [ description description ]

nat server [ protocol { protocol-number | icmp | tcp | udp } ] global { global-address | current-interface | interface interface-type interface-number } inside host-address [ acl acl-number ] [ description description ]

undo nat server protocol { tcp | udp } global { global-address | current-interface | interface interface-type interface-number } global-port [ global-port2 ] inside host-address [ host-address2 ] [ host-port ]

undo nat server [ protocol { protocol-number | icmp | tcp | udp } ] global { global-address | current-interface | interface interface-type interface-number } inside host-address

Parameters

Parameter

Description

Value

protocol

Indicates the protocol type.

-

protocol-number

Specifies the protocol number.

The value is an integer that ranges from 1 to 255.

global

Configures external information about the NAT server.

-

icmp

Indicates that servers communicate with each other using ICMP.

-

tcp

Indicates that servers communicate with each other using TCP.

-

udp

Indicates that servers communicate with each other using UDP.

-

global-address

Specifies a valid IP address provided for external access.

The value is in dotted decimal notation.

inside

Configures internal information about the NAT server.

-

host-address

Specifies an IP address of the NAT server.

The value is in dotted decimal notation.

host-address2

Specifies the ending IP address of the private network.

The value is in dotted decimal notation.

global-port

Specifies the external service port number. You can use keywords to replace common port numbers. For example, the FTP port number is 21, so you can use the keyword ftp. If this parameter is not specified, the value of this parameter is 0. That is, any type of service can be provided.

The value is an integer that ranges from 0 to 65535.

global-port2

Specifies the external service ending port number. You can use keywords to replace common port numbers. For example, the FTP port number is 21, so you can use the keyword ftp. If this parameter is not specified, the value of this parameter is 0. That is, any type of service can be provided.

The value is an integer that ranges from 0 to 65535.

host-port

Specifies the service port number provided by the NAT server. If this parameter is not specified, the value of this parameter is the same as the value of global-port.

The value is an integer that ranges from 0 to 65535.

acl acl-number

Indicates the number of an ACL.

The value is an integer that ranges from 2000 to 3999.

description description

Indicates the NAT description.

The value is a string of 1 to 255 case-sensitive characters. It can contain spaces.

current-interface

Indicates a public address as the current interface address.

-

interface interface-type interface-number

Indicates a public address as the interface address.

-

Views

VLANIF interface view, Tunnel interface view

VLANIF interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

You can configure an internal server so that the external network can access the server in an active manner. When a host on the public network sends a connection request to the public address (global-address) of the internal NAT server, the NAT server translates the destination address of the request into a private address (inside-address). The request is then forwarded to the server on the private network.

  • This command can only be used on Layer 3 interfaces, except loopback and NULL interfaces.
  • If you run the undo nat server command, static mapping entries are not deleted within the aging-time period. To clear static mapping entries, run the reset nat session command.

Precautions

The specified global-port or host-port cannot be used by other applications. Otherwise, the configuration does not take effect.

If you need to map the private address of an internal server into the IP address of the public network interface when configuring this command on the public network interface, you must set the current-interface parameter to specify a global address as the current interface address.

Example

# Add a NAT server and translate public address 1.1.1.1 of the TCP service to private address 192.168.0.1.

<Huawei> system-view
[Huawei] interface vlanif 100
[Huawei-Vlanif100] nat server protocol tcp global 1.1.1.1 inside 192.168.0.1
Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 199237

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next