Adding a nat audit task – H3C Technologies H3C Intelligent Management Center User Manual

45

The Access User, Terminal Type, and Operating System fields are displayed only when UBA

works with UAM.

7.

Click Back to return to the User Behavior Audit Management page.

Adding a NAT audit task

1.

Access the User Behavior Audit Management page.

2.

In the user behavior audit task list, click Add.
The Select Audit Type page appears.

3.

Select NAT Audit and click Next.
The Add Custom NAT Audit page appears.

4.

In the Basic Information area, perform the following tasks:

a.

In the Name field, enter the task name.

b.

From the Server list, select the audit server.

c.

Click Select next to the Reader field. On the window that appears, select operator groups that
have the right to view the task, and click OK.

5.

In the Audit Condition area, perform the following tasks:

a.

Select the NAT IP option and enter the NAT IP addresses.
You can enter an IP address, an IP segment, or an IP address range.
An example of a valid IP address entry:

10.153.89.0

An example of a valid IPv4 segment:

10.153.89.*

An example of a valid IPv4 address range entry:

1.1.1.1-2.2.2.2

An example of a valid IPv6 address entry:

a001:410:0:1::1

An example of a valid IPv6 address and subnet mask entry using CIDR notation:

a001:410:0:1::1/64

An example of a valid IPv6 address entry:
a001:410:0:1::1- a001:410:0:1::100

b.

Select the NAT Port option and enter the NAT port number in the format of 21 or 21-100.

c.

Select the Operator option and select an operator that is used to identify the cause of
terminating a network flow from the Operator list. Options are:

−

Unlimited—Unlimited.

−

Reserved—Reserved.

−

Ended Normally—Indicates the flow ends normally.

−

Aged upon Timeout—Indicates the flow is aged due to timeout.

−

Aged upon Configuration Change—Indicates the flow aged due to changing
Clear/Configuration.

−

Aged for Resource Insufficiency—Indicates the flow aged due to the insufficient resource.