HP (Hewlett-Packard) 6308M-SX Switch User Manual


 
Advanced Configuration and Management Guide
These commands configure a standard ACL for the private sub-net 10.10.10.x/24, then enable inside NAT for the
sub-net. Make sure you specify permit in the ACL, rather than deny. If you specify deny, the HP device will not
provide NAT for the addresses.
Example with Port Address Translation Enabled
To configure dynamic NAT with the Port Address Translation feature enabled, enter commands such as the
following at the global CONFIG level of the CLI:
HP9300(config)# access-list 1 permit 10.10.10.0/24
HP9300(config)# ip nat pool OutAdds 209.157.1.2 209.157.1.254 prefix-length 24
HP9300(config)# ip nat inside source list 1 pool OutAdds overload
These commands are the same as the ones in Example with Port Address Translation Disabled, except the ip
nat inside source command uses the overload parameter. This parameter enables the Port Address Translation
feature.
Command Syntax
Syntax: [no] ip nat pool <pool-name> <start-ip> <end-ip> netmask <ip-mask> | prefix-length <length>
This command configures the address pool.
The <pool-name> parameter specifies the pool name. The name can be up to 255 characters long and can
contain special characters and internal blanks. If you use internal blanks, you must use quotation marks around
the entire name.
The <start-ip> parameter specifies the IP address at the beginning of the pool range. Specify the
lowest-numbered IP address in the range.
The <end-ip> parameter specifies the IP address at the end of the pool range. Specify the highest-numbered IP
address in the range.
NOTE: The address range cannot contain any gaps. Make sure you own all the IP addresses in the range. If the
range contains gaps, you must create separate pools containing only the addresses you own.
The netmask <ip-mask> | prefix-length <length> parameter specifies a classical sub-net mask (example:
netmask 255.255.255.0) or the length of a Classless Interdomain Routing prefix (example: prefix-length 24).
NOTE: The maximum number of global IP addresses you can configure depends on how much memory the
routing switch has and whether you enable the Port Address Translation feature. Regardless of the amount of
memory, you cannot configure more than 256 global IP addresses.
Syntax: [no] ip nat inside source list <acl-name-or-num> pool <pool-name> [overload]
This command associates a private address range with a pool of Internet addresses and optionally enables the
Port Address Translation feature.
The inside source parameter specifies that the translation applies to private addresses sending traffic to global
addresses (Internet addresses).
The list <acl-name-or-num> parameter specifies a standard or extended ACL. You can specify a numbered or
named ACL.
NOTE: For complete standard and extended ACL syntax, see Using Access Control Lists (ACLs) on page 3-1.
The pool <pool-name> parameter specifies the pool. You must create the pool before you can use it with this
command.
The overload parameter enables the Port Address Translation feature. Use this parameter if the IP address pool
does not contain enough addresses to ensure NAT for each private address. The Port Address Translation feature
conserves Internet addresses by mapping the same Internet address to more than one private address and using
a TCP or UDP port number to distinguish among the private hosts. The device supports up to 50 global IP
addresses with this feature enabled.
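The following is an added example, not part of the HP manual: a small Python check that applies the rules stated above to a configuration (permit in the ACL, pool created before it is used, lowest address first, at most 256 global addresses and 50 with overload). The name lint_nat and both sample configurations are constructed for illustration; the check assumes numbered ACLs and pool names without blanks.

```python
import ipaddress
import re

MAX_GLOBAL = 256      # manual: never more than 256 global addresses
MAX_GLOBAL_PAT = 50   # manual: up to 50 global addresses with overload

# Constructed sample configurations (not taken from a real device).
GOOD = """
access-list 1 permit 10.10.10.0/24
ip nat pool OutAdds 209.157.1.2 209.157.1.40 prefix-length 24
ip nat inside source list 1 pool OutAdds overload
"""
BAD = """
HP9300(config)# access-list 1 deny 10.10.10.0/24
HP9300(config)# ip nat inside source list 1 pool OutAdds overload
HP9300(config)# ip nat pool OutAdds 209.157.1.254 209.157.1.2 prefix-length 24
"""

def lint_nat(config):
    """Return findings for the NAT-related lines of a config, in file order."""
    findings, acls, pools = [], {}, {}
    for raw in config.splitlines():
        line = raw.split("#", 1)[-1].strip()  # drop a "HP9300(config)#" prompt
        if m := re.match(r"access-list (\S+) (permit|deny)\b", line):
            acls.setdefault(m[1], set()).add(m[2])
        elif m := re.match(r"ip nat pool (\S+) (\S+) (\S+) "
                           r"(netmask|prefix-length) \S+$", line):
            start, end = ipaddress.ip_address(m[2]), ipaddress.ip_address(m[3])
            if start > end:
                findings.append(f"pool {m[1]}: start-ip must be the lowest address")
            pools[m[1]] = int(end) - int(start) + 1  # pool size in addresses
        elif m := re.match(r"ip nat inside source list (\S+) "
                           r"pool (\S+)( overload)?$", line):
            acl, pool, pat = m[1], m[2], m[3] is not None
            limit = MAX_GLOBAL_PAT if pat else MAX_GLOBAL
            if "permit" not in acls.get(acl, ()):
                findings.append(f"ACL {acl}: no permit entry, so no address gets NAT")
            if pool not in pools:
                findings.append(f"pool {pool}: must be created before this command")
            elif pools[pool] > limit:
                findings.append(f"pool {pool}: {pools[pool]} addresses, documented limit is {limit}")
    return findings

if __name__ == "__main__":
    for finding in lint_nat(BAD):
        print(finding)
```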