Configuring dns mapping, Setting nat connection limits, Displaying and maintaining nat – H3C Technologies H3C SecBlade FW Cards User Manual

21

To do…

Use the command…

Remarks

Configure a common internal server

nat server [ acl-number ] protocol
pro-type global { global-address |
interface interface-type

interface-number |

current-interface } global-port1
global-port2 inside

local-address1 local-address2

local-port [ vpn-instance
local-name ] [ track vrrp

virtual-router-id ]

Required

CAUTION:
•

The device supports using the interface address as the external address of an internal server, which is the
Easy IP feature. If you want to specify an interface, the interface must be a loopback interface and must
already exist.

•

If you configure an internal server using Easy IP but do not configure an IP address for the interface, the
internal server configuration does not take effect.

•

Support for internal server using Easy IP depends on the device model.

Configuring DNS mapping

With DNS mapping, an internal host can access an internal server on the same private network by using

the domain name of the internal server when the DNS server resides on the public network.
Follow these steps to configure a DNS mapping:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Configure a DNS mapping

nat dns-map domain
domain-name protocol pro-type ip

global-ip port global-port

Required

Setting NAT connection limits

For more information about NAT connection limits, see the NATand ALG Configuration Guidee.

Displaying and maintaining NAT

To do…

Use the command…

Remarks

Display information about NAT
address pools

display nat address-group
[ group-number ]

Available in any view

Display all NAT configuration
information

display nat all

Available in any view

Display the NAT configuration
information

display nat bound

Available in any view

Display DNS mapping configuration
information

display nat dns-map

Available in any view