
Configuring nat, Configuring nat rules – Extreme Networks 200 Series User Manual


Summit 200 Series Switch Installation and User Guide

Network Address Translation (NAT)

Because of the large number of simultaneous requests that can be made from a web browser, it is not
recommended that this mode be used when a large number of inside hosts are being translated to a
small number of outside IP addresses. ICMP traffic is not translated in this mode. You must add a
dynamic NAT rule for the same IP address range to allow for ICMP traffic.

Configuring NAT

The behavior of NAT is determined by the rules you create to translate the IP addresses. You must
attach each rule to a specific VLAN. All rules are processed in order. The options specified on the NAT
rule determine the algorithm used to translate the inside IP addresses to the outside IP addresses. For
outgoing (inside to outside) packets, the first rule to match is processed. All following rules are ignored.
All return packets must arrive on the same outside VLAN on which the session went out. For most
configurations, make sure that the outside IP addresses specified in the rule are part of the outside
VLAN’s subnet range, so that the switch can proxy the address resolution protocol (ARP) for those
addresses.
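The ordering and subnet rules described above can be checked offline before a rule list is applied. The following Python sketch is an added example, not part of the manual or of the switch software. It assumes rules are modeled by source prefix and outside address only (l4-port and destination qualifiers are ignored), and the rule labels and addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class NatRule:
    name: str     # label used for reporting only (hypothetical, not a switch field)
    source: str   # inside source prefix; "0.0.0.0/0" stands for "any"
    outside: str  # outside address or prefix the source is translated to

def first_match(rules, src_ip):
    """Return the first rule whose source prefix contains src_ip.

    Mirrors the documented behavior for outgoing packets: the first
    matching rule is processed and all following rules are ignored.
    """
    ip = ipaddress.ip_address(src_ip)
    for rule in rules:
        if ip in ipaddress.ip_network(rule.source):
            return rule
    return None

def audit(rules, outside_vlan_subnet):
    """Flag rules that can never match and outside addresses off the VLAN subnet."""
    findings = []
    vlan_net = ipaddress.ip_network(outside_vlan_subnet)
    for i, rule in enumerate(rules):
        src = ipaddress.ip_network(rule.source)
        # A rule is shadowed when an earlier rule's source range covers all of it.
        for earlier in rules[:i]:
            if src.subnet_of(ipaddress.ip_network(earlier.source)):
                findings.append((rule.name, f"shadowed by {earlier.name}"))
                break
        # The switch can only proxy ARP for addresses inside the outside VLAN's subnet.
        if not ipaddress.ip_network(rule.outside).subnet_of(vlan_net):
            findings.append((rule.name, "outside address not in outside VLAN subnet"))
    return findings

# Constructed sample rule list (documentation address ranges on the outside).
RULES = [
    NatRule("r1", "192.168.1.0/24", "203.0.113.32/28"),
    NatRule("r2", "192.168.1.12/32", "203.0.113.1/32"),  # never reached: r1 matches first
    NatRule("r3", "192.168.2.0/24", "198.51.100.5/32"),  # outside address is off-subnet
]
OUTSIDE_VLAN = "203.0.113.0/24"

if __name__ == "__main__":
    print("192.168.1.12 is translated by", first_match(RULES, "192.168.1.12").name)
    for name, problem in audit(RULES, OUTSIDE_VLAN):
        print(name, "-", problem)
```

A shadowed rule usually means the more specific rule was intended to take precedence and should be placed earlier in the list.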

To enable NAT functionality, use the following command:

enable nat

Configuring NAT Rules

To configure NAT rules, use the commands listed in Table 34.

Table 34: NAT Configuration Commands

Command:

config nat add vlan map source
[any | [/| ]]
{l4-port [any | {- }]}
{destination / {l4-port
[any | {- }]}} to
[/ | | - ]
{[tcp | udp | both] [portmap { - } |
auto-constrain]}

Description:

Adds a NAT translation rule that translates private IP addresses to public IP addresses on the outside VLAN. The first IP address specifies private side IP addresses and the second IP address specifies the public side IP address. Use portmap to specify port translations and specify either TCP or UDP port translation, or both.

The range of number is 1 to 65535. The default setting for min is 1024. The default setting for max is 65535.

Command:

config nat delete vlan map source
[any | [/| ]]
{l4-port [any | {- }]}
{destination / {l4-port
[any | {- }]}} to
[/ | | - ]
{[tcp | udp | both] [portmap { - } |
auto-constrain]}

Description:

Deletes a NAT translation rule.