Enterasys Networks XSR CLI Router User Manual


  Open as PDF
of 684
 
Network Address Translation Commands
5-186 Configuring the Internet Protocol
XSR(config)#ip nat service list 1 ftp tcp port 2021
XSR(config)#access-list 1 permit 10.1.1.1
Thisexamplesetsnonstandardport2021andstandardport21forFTP.BeawarethatiftheFTP
serverisusingboththedefaultandanotherport,bothportsmustbeconfiguredinNAT.
XSR(config)#ip nat service list 1 ftp tcp port 21
XSR(config)#ip nat service list 1 ftp tcp port 2021
XSR(config)#access-list 1 permit 10.1.1.1
ip nat source (interface mode - NAPT)
ThiscommandappliesPoolNetworkAddressTranslation(NAT) andNetworkAddressPort
Translation(NAPT)rulestoanXSRinterface.Bothstandardandextendedaccesslistsare
supportedaswellasNetworkAddressPortTranslation.
Syntax
ip nat source [list access-list-number]{assigned overload | address ip-address
overload | pool pool_name overload}
Syntax of the “no” Form
ThenocommandremovesNATrulesfromtheinterface:
no ip nat source [list access-list-number]{assigned overload | address ip-address
overload | pool pool_name overload}
Mode
Interfaceconfiguration:XSR(config-if<xx>)#
Default:
NoNAT(rule)specifiedfortheinterface.
Example
ThisexampleconfiguresSerialinterface1/0asthesourceIPaddressforoutgoingpackets:
XSR(config)#interface serial 1/0
XSR(config-if<S1/0>)#ip nat source assigned over
list access-
list-number
StandardIPACLnumber.PacketswithsourceaddressesthatpasstheACL
(permittedbythelist)aredynamicallytranslated usingthelocalglobal
address.IftheACLisnotspecified,thewildcardisassumed.
assigned
IPaddressoftheportusedasthesourceIPaddressforoutgoingpackets.
ip-address
SpecifiedarbitraryIPaddressusedastheglobalNATIPaddress.
pool pool_name
Groupofaddressesfromwhichtheglobaladdresswillbechosen.
overload
Whenoverloadisspecified,theselectedglobaladdress(eitherspecifiedor
fromthepool)willbeusedtoperformNAPT,whichrangesfromport
20000to40960.
 previous next