H3C Technologies H3C SecPath F5000-S Firewall User Manual

38

Table 9 Configuration items

Item Description

Interface

Select an interface on which the NAT configuration will be applied.

Dynamic NAT

Specify whether to enable dynamic NAT on the interface.
If dynamic NAT is enabled, the IP address of the interface will be used as the IP
address of a matched packet after the translation.
By default, dynamic NAT is disabled.

Source IP/Wildcard

If dynamic NAT is enabled, set the source IP address and wildcard for packets.

Destination
IP/Wildcard

If dynamic NAT is enabled, set the destination IP address and wildcard for packets.

Protocol Type

If dynamic NAT is enabled, select the protocol type carried over the IP protocol,
including TCP, UDP, and IP (indicating all protocols carried by the IP protocol).

Internal Server

Specify whether to enable the internal server.
If the internal server is enabled, when a user from the external network accesses the
internal server, the NAT translates the destination address of request packets into the

private IP address of the internal server. When the internal server replies to the

packets, the NAT translates the source address (private IP address) of reply packets
into a public IP address.
By default, the internal server is disabled.

IMPORTANT:

Configuration of the internal server might result in disconnection with the device (for

example, specify an external IP address as the IP address of the local host or as the IP

address of the current access interface). Perform the operation with caution.

External IP: Port

When you enable the internal server, set the valid IP address and service port number
for the external access.

Internal IP: Port

If you enable the internal server, set the IP address and service port number for the
server on the internal LAN.

11.

Click Next.
The page listing all configurations you have made in the basic configuration wizard appears.