Configuring Intranet Hosts to Access Public Networks
Context
Internal hosts can access the public network through dynamic NAT. Dynamic NAT is configured on the outbound interface of the NAT device, that is, the interface connected to the public network, and translates private IP addresses into public IP addresses. It can be implemented in either address pool mode or Easy IP mode. Choose the mode based on how many public IP addresses are available:
- If there are still available public IP addresses after the outbound interface IP address of the NAT device and other applications are configured, configure dynamic NAT in address pool mode.
- If there are no more available public IP addresses after the outbound interface IP address of the NAT device and other applications are configured, configure dynamic NAT in Easy IP mode. This mode can use the outbound interface IP address of the NAT device to implement NAT.
Procedure
- Run system-view
  The system view is displayed.
- Run acl [ number ] acl-number [ match-order { auto | config } ]
  An ACL with the specified number is created and the ACL view is displayed.
- Run quit
  Exit the ACL view.
- Configure dynamic NAT for the outbound interface on the NAT device. Choose one of the following methods based on your site scenario:
  - Configure dynamic NAT in address pool mode.
    - Run nat address-group group-index start-address end-address
      A NAT address pool is configured.
    - Run interface interface-type interface-number[.subnumber ]
      The interface view or sub-interface view is displayed.
    - Run nat outbound acl-number address-group group-index [ no-pat ]
      Dynamic NAT that references the address pool is configured.
  - Configure dynamic NAT in Easy IP mode.
    - Run interface interface-type interface-number[.subnumber ]
      The interface view or sub-interface view is displayed.
    - Run nat outbound acl-number [ interface interface-type interface-number[.subnumber ] ]
      Dynamic NAT in Easy IP mode is configured.
Only basic ACLs (2000 to 2999) and advanced ACLs (3000 to 3999) can be used to configure the NAT function. Configure basic or advanced ACLs as required.
When the action in an ACL rule is permit, the NAT policy referencing the ACL rule takes effect. When the action in an ACL rule is not permit, the NAT policy referencing the ACL rule does not take effect. That is, the device searches the routing table for routes corresponding to the destination address, but does not translate addresses.
After the ACL rule referenced by the NAT policy is modified, the modification does not take effect immediately. To make the modification take effect immediately, run the reset nat session command to clear the NAT mapping table. You are advised not to modify the ACL rules in use.
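The ACL notes above can be checked offline against a saved configuration. The following is an added example, not part of the original procedure or the vendor's tooling: it assumes a configuration dump in which ACL rules appear as indented "rule [id] permit|deny ..." lines (a syntax this page does not show), and the sample configuration is constructed.

```python
import re

# Constructed sample configuration (not from the page); the rule-line syntax is an assumption.
SAMPLE = """\
acl number 2000
 rule 5 permit source 192.168.1.0 0.0.0.255
acl number 2001
 rule 5 deny source 192.168.2.0 0.0.0.255
nat address-group 1 203.0.113.10 203.0.113.20
interface GigabitEthernet0/0/1
 nat outbound 2000 address-group 1
 nat outbound 2001
 nat outbound 4000 address-group 2
"""

ACL_RE = re.compile(r"^acl (?:number )?(\d+)")
RULE_RE = re.compile(r"^rule(?: \d+)? (permit|deny)\b")
POOL_RE = re.compile(r"^nat address-group (\d+) \S+ \S+")
NAT_RE = re.compile(r"^nat outbound (\d+)(?: address-group (\d+))?")

def audit_nat(config):
    """Return (line_no, message) findings for every nat outbound policy."""
    acls, pools, policies, current = {}, set(), [], None
    for no, raw in enumerate(config.splitlines(), 1):
        line = raw.strip()
        if m := ACL_RE.match(line):
            current = acls.setdefault(int(m.group(1)), [])
        elif (m := RULE_RE.match(line)) and raw[:1].isspace() and current is not None:
            current.append(m.group(1))  # record the rule action for this ACL
        elif m := POOL_RE.match(line):
            pools.add(int(m.group(1)))
        elif m := NAT_RE.match(line):
            policies.append((no, int(m.group(1)), m.group(2)))
        if not raw[:1].isspace() and not ACL_RE.match(line):
            current = None  # an unindented non-ACL line means we left the ACL view
    findings = []
    for no, acl, pool in policies:
        if not 2000 <= acl <= 3999:
            findings.append((no, f"ACL {acl} is not a basic or advanced ACL"))
        elif acl not in acls:
            findings.append((no, f"ACL {acl} is referenced but not defined"))
        elif "permit" not in acls[acl]:
            findings.append((no, f"ACL {acl} has no permit rule, nothing is translated"))
        if pool is not None and int(pool) not in pools:
            findings.append((no, f"address group {pool} is not defined"))
    return findings
```

Calling audit_nat(SAMPLE) reports the policy on line 8 (deny-only ACL) and the policy on line 9 (ACL number outside 2000 to 3999, undefined address group).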