beautypg.com

Configuring an internal server – H3C Technologies H3C SecBlade FW Cards User Manual

Page 27

background image

20

With a specific ACL associated with an address pool or interface address, NAPT translates the source

address of a packet permitted by the ACL into an IP address of the address pool or the interface address,
with using the port information.
Follow these steps to configure NAPT:

To do…

Use the command…

Remarks

Enter system view

system-view

Enter interface view

interface interface-type
interface-number

Configure NAPT by associating an
ACL with an IP address pool on the

outbound interface for translating
both IP address and port number

nat outbound [ acl-number ]
[ address-group group-number ]

[ track vrrp virtual-router-id ]

Required

Return to system view

quit

Configuring an internal server

1.

Introduction to internal server

To configure an internal server, you need to map an external IP address and port number to the internal

server. This is done through executing the nat server command on an interface.
Internal server configurations include external network information (external IP address global-address
and external port number global-port), internal network information (internal IP address local-address

and internal port number local-port), and internal server protocol type. According to different

internal/external network information configurations, internal servers can be classified into common

internal servers and load sharing internal servers.
Both internal servers and their external IP addresses can support VPN. If an internal server belongs to an

VPN, you also need to specify the vpn-instance-name argument. Without this argument specified, the

internal server does not belong to any VPN.

2.

Configuring a common internal server

After mapping the internal IP address/port number (local-address and local-port) of a common internal

server to an external IP address/port number (global-address and global-port), hosts in external
networks can access the server located in the internal network.
Follow these steps to configure a common internal server (III):

To do…

Use the command…

Remarks

Enter system view

system-view

Enter interface view

interface interface-type
interface-number

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: