Configuring acl-based nat on an internal server, Configuring dns mapping, Displaying and maintaining nat – H3C Technologies H3C SecPath F1000-E User Manual
Page 33
26
Configuring ACL-based NAT on an internal server
This feature maps the destination address of an ACL-permitted packet to the internal server address or the
internal server IP address/port number.
To configure ACL-based NAT on an internal server:
Step Command
1.
Enter system view.
system-view
2.
Enter interface view.
interface interface-type interface-number
3.
Configure an internal server based on
ACL.
nat server protocol pro-type global acl-number inside
local-address [ local-port ] [ vpn-instance local-name ]
Configuring DNS mapping
With DNS mapping, an internal host can access an internal server on the same private network by using
the domain name of the internal server when the DNS server resides on the public network.
To configure a DNS mapping:
Step Command
1.
Enter system view.
system-view
2.
Configure a DNS mapping. nat dns-map domain domain-name protocol pro-type ip global-ip port
global-port
Displaying and maintaining NAT
Task Command
Remarks
Display information about NAT
address pools.
display nat address-group
[ group-number ] [ | { begin | exclude |
include } regular-expression ]
Available in any view
Display all NAT configuration
information.
display nat all [ | { begin | exclude |
include } regular-expression ]
Available in any view
Display the NAT configuration
information.
display nat bound [ | { begin | exclude |
include } regular-expression ]
Available in any view
Display DNS mapping configuration
information.
display nat dns-map [ | { begin |
exclude | include } regular-expression ] Available in any view
Display the internal server information.
display nat server [ | { begin | exclude |
include } regular-expression ]
Available in any view
Display static NAT information.
display nat static [ | { begin | exclude |
include } regular-expression ]
Available in any view
Display NAT statistics.
display nat statistics [ | { begin | exclude
| include } regular-expression ]
Available in any view