Users subordinate to an ME60 (V600R002C02SPC200) enabled with NAT failed to ping an external network and no session was generated.
NAT configurations were as follows:
acl number 6100
rule 1 permit ip source user-group pppoe destination ip-address any
traffic classifier 6100 operator or
if-match acl 6100
traffic behavior 6100
nat bind instance 1
traffic policy action
classifier 6100 behavior 6100 precedence 1
nat instance 1
add slot 2 master
nat address-group 1 *.*.*.* (public network address)
nat outbound any address-group 1
pppoe-server bind Virtual-Template 1
traffic-policy action inbound
No session was generated.<JCHDS-MC-CMNET-BS001>display nat session table slot 2
Huawei performed the following operations to address the problem:
1. Verified that the ME60 had been loaded with a license.
2. Verified that the upper-layer device was configured with routes for returned traffic to the nat address-group.3. Checked configurations and found that the traffic-policy was applied to interfaces.
On ME60 V6R2:
1. Apply the traffic-policy for BAS-side services (that is, services configured in domain mode) in global config mode. (The example in the related manual is incorrect.)
2. Apply the traffic policy to Layer 3 interfaces for Layer 3 traffic from the network side.3. Apply the traffic policy to Layer 2 interfaces for Layer 2 traffic from the network side.