168
Configuration procedure
# Specify IP addresses for the interfaces on the router. (Details not shown.)
# Enable NAT with ALG for DNS.
<Router> system-view
[Router] nat alg dns
# Enter interface view of GigabitEthernet 2/0/2.
[Router] interface gigabitethernet 2/0/2
# Configure NAT Server to allow external hosts to access the internal Web server by using the
address 202.38.1.2.
[Router-GigabitEthernet2/0/2] nat server protocol tcp global 202.38.1.2 inside
10.110.10.1 http
# Configure NAT Server to allow external hosts to access the internal FTP server by using the
address 202.38.1.2.
[Router-GigabitEthernet2/0/2] nat server protocol tcp global 202.38.1.2 inside
10.110.10.2 ftp
# Enable outbound NAT with Easy IP on interface GigabitEthernet 2/0/2.
[Router-GigabitEthernet2/0/2] nat outbound
[Router-GigabitEthernet2/0/2] quit
# Configure two DNS mapping entries by mapping the domain name
www.server.com
of the Web
server to 202.38.1.2, and
ftp.server.com
of the FTP server to 202.38.1.2.
[Router] nat dns-map domain www.server.com protocol tcp ip 202.38.1.2 port http
[Router] nat dns-map domain ftp.server.com protocol tcp ip 202.38.1.2 port ftp
[Router] quit
Verifying the configuration
# Verify that both internal and external hosts can access the internal servers by using domain names.
(Details not shown.)
# Display all NAT configuration and statistics.
[Router] display nat all
NAT outbound information:
Totally 1 NAT outbound rules.
Interface: GigabitEthernet2/0/2
ACL: --- Address group: --- Port-preserved: N
NO-PAT: N Reversible: N
Config status: Active
Global flow-table status: Active
NAT internal server information:
Totally 2 internal servers.
Interface: GigabitEthernet2/0/2
Protocol: 6(TCP)
Global IP/port: 202.38.1.2/21
Local IP/port : 10.110.10.2/21
Config status : Active
Global flow-table status: Active
Local flow-table status: Active
Interface: GigabitEthernet2/0/2