5-24 Compact T1 - Release 6.1
CLI Commands
add
add (router-wan) nat bypassUse the add (router-wan) nat bypass command to add subnets to the list of source addresses
that will not be subject to NAT translation when passing through a NAT enabled WAN
interface. This command applies to the IP Router only.
Syntax: add {rtr_card-addr} {"wan-name"} nat bypass
{ip-addr mask|ip-addr/bits}
Example:
The following example displays the configuration necessary to add two secondary IP
subnets to the LAN that do not get NAT translation performed on them when their packets
pass through the NAT on the WAN. In this example, packets leaving the "RemoteUnit"
WAN whose source IP address in the 10.0.0.0 subnet will be NAT translated to
211.103.55.1 before transmission. Packets leaving the "RemoteUnit" WAN whose source
IP address is in the 156.65.0.0 or 201.23.16.0 subnets will be transmitted unmodified.
set 1:1 ip address 10.0.0.1 255.0.0.0
add 1:1 secondary ip address 156.65.0.1 255.255.255.0
add 1:1 secondary ip address 201.23.16.1 255.255.255.0
set 1 "RemoteUnit" nat enable
set 1 "RemoteUnit" nat address 211.103.55.1 1
add 1 "RemoteUnit" nat bypass 156.65.0.0. 255.255.0.0
add 1 "RemoteUnit" nat bypass 201.23.16.0. 255.255.255.0
{rtr_card-addr}
The slot number (1-6) that contains the IP Router card.
{"wan-name"}
The WAN interface to modify. The name must be enclosed in quotes.
{ip-addr mask|ip-addr/bits}
ip-addr
mask The IP address and subnet mask or host to bypass the NAT translation, each
in the form of xxx.xxx.xxx.xxx, where xxx is between 0-255.
bits Use this field to identify the number of bits, from left to right that will be
used to match the IP Address field within the data packet. Range is between
1-32.