ADTRAN 1000R Series Network Card User Manual


  Open as PDF
of 1373
 
Command Reference Guide Global Configuration Mode Command Set
61200510L1-35E Copyright © 2005 ADTRAN 397
discard list <access list names> policy <access policy name>
All packets passed by the access list(s) entered and destined for the interface using the access policy
listed will be blocked from the router system. This allows for configurations to deny packets on a specified
interface.
nat source list <access list names> address <IP address> overload
All packets passed by the access list(s) entered will be modified to replace the source IP address with the
entered IP address. The overload keyword allows multiple source IP addresses to be replaced with the
single IP address entered. This hides private IP addresses from outside the local network.
nat source list <access list names> interface <interface> overload [policy]
All packets passed by the access list(s) entered will be modified to replace the source IP address with the
primary IP address of the listed interface. The overload keyword allows multiple source IP addresses to
be replaced with the single IP address of the specified interface. This hides private IP addresses from
outside the local network. The policy option specifies the destination policy class.
nat destination list <access list names> address <IP address>
All packets passed by the access list(s) entered will be modified to replace the destination IP address with
the entered IP address. The overload keyword is not an option when performing NAT on the destination IP
address; each private address must have a unique public address. This hides private IP addresses from
outside the local network.
Step 4:
Apply the created access control policy to an interface. To assign an access policy to an interface, enter
the interface configuration mode for the desired interface and enter access policy <policy name>. The
following example assigns access policy MatchAll to the Ethernet 0/1 interface:
(config)#interface ethernet 0/1
(config-eth 0/1)#access-policy MatchAll
Before applying an access control policy to an interface, verify your Telnet
connection will not be affected by the policy. If a policy is applied to the interface you
are connecting through and it does not allow Telnet traffic, your connection will be
lost.