Filter
Top Products
2037
global-port: Port number designated for external access, in the range 0 to 65,535.
The default and the keyword must match those for host-port.
host-address: Internal IP address of the NAT server.
Description Use the nat server command to define a translation table for an internal server.
Using the address and port combination defined by the global-address and
global-port parameters, external users can access internal servers with an IP
address of host-address and a port of host-port.
Use the
undo nat server command to remove the configuration.
Note that:
■ Of the two arguments global-port and host-port, if one is set to any, the other
must also be any, or remain undefined.
■ Using this command, you can configure internal servers (such as WWW, FTP,
Telnet, POP3, or DNS server) that provide services to external users. An internal
server can reside in a private network or in an MPLS VPN instance.
■ An interface can be configured with at most 256 internal server configuration
commands. Each command can create a number of internal servers equal to
the difference between global-port2 and global-port1. An interface can be
configured with at most 4096 internal servers and a system allows at most
1024 internal server configuration commands.
■ In general, this command is configured on the interface that serves as the
egress of an internal network and connects to the external networks.
■ Currently the device supports Easy IP, which uses the interface address as the
public IP address of internal servers. To implement Easy IP on the current
interface, use key word current-interface in the command. To implement Easy
IP on other interfaces, you must specify an existing Loopback interface.
c
CAUTION: When the protocol type is not udp (with a protocol number of 17) or
tcp (with a protocol number of 6), you can only use the (undo) nat server
[ vpn-instance vpn-instance-name ] protocol pro-type global global-address
inside host-address command, that is, one-to-one NAT between an internal IP
address and an external IP address.
Example # Specify the IP address of the WWW Server in a LAN to be 10.110.10.10, the IP
address of the FTP Server in MPLS VPN vrf10 to be 10.110.10.11. It is desired to
allow external users to access the WWW Server through http://
202.110.10.10:8080, and the FTP Server through ftp://202.110.10.10. Assume
that the interface Serial 1/0 is connected to external networks.
<Sysname> system-view
[Sysname] interface serial 1/0
[Sysname-Serial1/0] nat server protocol tcp global 202.110.10.10 808
0 inside 10.110.10.10 www
[Sysname-Serial1/0] quit
[Sysname] ip vpn-instance vrf10
[Sysname-vpn-instance] route-distinguisher 100:001
[Sysname-vpn-instance] vpn-target 100:1 export-extcommunity
[Sysname-vpn-instance] vpn-target 100:1 import-extcommunity