No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FAQ-Why Is the NAT Address Pool Port Segmentation Function Required?

Publication Date:  2019-01-22 Views:  120 Downloads:  0

Issue Description

Why is the NAT address pool port segmentation function required?

Solution

The NAT address pool port segmentation function avoids port conflicts between the two firewalls.
In load balancing hot standby mode, both firewalls carry service traffic. When NAT is configured on the firewalls, the public ports allocated to the two firewalls may conflict in NAPT mode. In NAT No-PAT mode, the public IP addresses allocated to the two firewalls may conflict. To avoid such conflicts, you need to configure NAT resources (including public IP addresses and public port numbers) on the two firewalls. In this case, you can run the hrp nat resource primary-group command on the active firewall, so that the hrp nat resource secondary-group command is automatically generated on the standby firewall. If the hrp nat resource secondary-group command is configured on the active firewall, the hrp nat resource primary-group command is automatically generated on the standby firewall.
In active/standby backup mode, you do not need to configure this function.

END