Step

Command

Remarks

 

To configure a static NAT mapping:

 

a.

nat static local-ip[ vpn-instance

 

 

local-name ] global-ip [ vpn-instance

 

 

global-name ]

 

b.

interface interface-type

 

 

interface-number

 

c.

nat outbound static

4. Configure NAT.

To configure dynamic NAT:

 

 

d.

interface interface-type

 

 

interface-number

 

e.

nat outbound [ acl-number]

 

 

[ address-group group-number

 

 

[ vpn-instancevpn-instance-name ]

[ no-pat ] ] [ track vrrp virtual-router-id]

Optional.

By default, NAT is not configured on an interface.

 

 

For normal NAT server:

 

 

 

{ nat server [ Index acl-number ]

 

 

 

protocol pro-type global

 

 

 

{ global-address current-interface

 

 

 

interface interface-type

 

 

 

interface-number } global-port1

 

 

 

global-port2 [ vpn-instance

 

 

 

global-name ] inside local-address1

 

 

 

local-address2 local-port [ vpn-instance

 

 

 

local-name ] [ track vrrp

 

 

 

virtual-router-id ]

Optional.

5.

Configure the NAT

{ nat server [ Index acl-number ]

Configure none or one of the

 

server.

protocol pro-type global

 

 

{ global-address current-interface

commands.

 

 

 

 

 

interface interface-type

 

 

 

interface-number } [ global-port ]

 

 

 

[ vpn-instance global-name ] inside

 

 

 

local-address [ local-port ]

 

 

 

[ vpn-instance local-name ] [ track vrrp

 

 

 

virtual-router-id ]

 

 

 

For ACL-based NAT server:

 

 

 

nat server protocol pro-typeglobal

 

 

 

acl-number inside local-address

 

 

 

[ local-port ] [ vpn-instancelocal-name ]

 

 

 

 

 

 

 

 

Optional.

6. Assign an IP address to

ip address ip-address { mask-length mask }

By default, GigabitEthernet

0/0 is assigned the IP

 

the interface.

[ sub ]

address 192.168.0.1/24,

 

 

 

and the other interfaces have

 

 

 

no IP addresses.

 

 

 

7. Return to system view.

quit

N/A

 

 

 

 

8.

Enter security zone

zone name zone-name [ id zone-id ]

N/A

 

view.

 

 

 

 

 

 

 

 

 

82

 

Page 88
Image 88
HP 200 Unified Threat Management (UTM) Appliance Global-name, Interface interface-type, Zone name zone-name id zone-id