Network address translation - NAT
NAT command reference
iMG/RG Software Reference Manual (IPNetwork Functions)
4-144
IKE establishes a shared security policy and authenticates keys for services that require
keys, such as IPSec. Before any IPSec traffic can be passed, each router/firewall/host must
verify the identity of its peer. This can be done by manually entering pre-shared keys into
both hosts or by a CA service.
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).
Option | Description | Default Value
--------------------------------------------------------------------
cookies | Source port will not be translated for IKE packets; IKE cookies are used to identify IKE sessions. | Ports
ports | Source port will be translated for IKE packets. |
Example
--> nat iketranslation cookies

4.4.5.1.7 NAT LIST GLOBALPOOLS
Syntax
NAT LIST GLOBALPOOLS <interfacename>
Description
This command lists the following NAT address pool information for a specific outside
interface:
Address pool identification number
Address pool name
Type of inside interface (internal or DMZ)
Subnet status (true or false)
IP address - the outside network IP address or the first address in the range of network pool addresses
Mask/End Address - the outside subnet mask of the outside network IP address or the last address in the range of network pool addresses
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).
Option | Description | Default Value
--------------------------------------------------------------------
interfacename | The name of an existing security interface (external or DMZ) created and connected to an inside interface (DMZ or internal) using the NAT ENABLE command. To display security interfaces, use the SECURITY LIST INTERFACES command. | N/A
Example
--> nat list globalpools extinterface
NAT global address pool:
ID | Name | Type     | Subnet | IP address    | Mask/End Address
--------------------------------------------------------------------
1  | gp1  | dmz      | true   | 192.168.102.3 | 255.255.255.0
2  | g2   | internal | false  | 192.168.103.2 | 192.168.103.50
--------------------------------------------------------------------
See also
SECURITY LIST INTERFACES
NAT SHOW GLOBALPOOL

4.4.5.1.8 NAT SHOW GLOBALPOOL
Syntax
NAT SHOW GLOBALPOOL <name> <interfacename>
Description
This command displays information about a single network address pool that has been
added to an outside interface:
Type of inside interface (internal or DMZ)
Subnet configuration status (true if the network pool was set using a subnet mask, false if it was set using a range of IP addresses)
IP address - the outside network IP address or the first address in the range of addresses
Subnet Mask or End Address - the subnet mask of the outside network IP address or the last address in the range of addresses
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).
Option | Description | Default Value
--------------------------------------------------------------------
name | An existing global IP address. To display global IP addresses, use the NAT LIST GLOBALPOOLS command. | N/A
interfacename | The name of an existing security interface (external or DMZ) created and connected to an inside interface (DMZ or internal) using the NAT ENABLE command. To display security interfaces, use the SECURITY LIST INTERFACES command. | N/A
Example
--> nat show globalpool gp1 extinterface
NAT global address pool: gp1
Interface type: dmz
Subnet configuration: true
IP address: 192.168.102.3
Subnet mask or End Address: 255.255.255.0
See also
NAT LIST GLOBALPOOLS
SECURITY LIST INTERFACES

4.4.5.1.9 NAT ADD RESVMAP GLOBALIP TCP|UDP|BOTH
Syntax
NAT ADD RESVMAP <name> GLOBALIP <interfacename> <globalip> <internalip> {TCP|UDP|BOTH} <portno> [<2ndportno> [<localportno> [<2ndlocalportno>]]]
Description
This command maps an IP address from a global pool (created using the NAT ADD
GLOBALPOOL command) to an individual IP address inside the network. NAT translates
packets between the outside IP address and the individual host based on the transport
information (TCP or UDP or both) given in this command.
Note:
Before you can add reserved mapping, you must enable a NAT object using the command NAT
ENABLE.
You can define reserved mappings for a range of ports and/or translating port numbers.
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).
Option | Description | Default Value
--------------------------------------------------------------------
name | An arbitrary name that identifies a reserved mapping configuration. It can be made up of one or more letters or a combination of letters and digits, but it cannot start with a digit. | N/A
interfacename | The name of an existing security interface (external or DMZ) created and connected to an inside interface (DMZ or internal) using the NAT ENABLE command. To display security interfaces, use the SECURITY LIST INTERFACES command. | N/A
globalip | The IP address of an outside interface set using the NAT ADD GLOBALPOOL command. | N/A
internalip | The IP address of an individual host inside the network (internal or DMZ interface type). | N/A
portno | Either a single TCP or UDP port number that you want to use in your reserved mapping configuration, or the first port number in the range of ports. | N/A
2ndportno | The second TCP or UDP port number in the range that started with the port specified in portno. | N/A
localportno | Either a single internal TCP or UDP port number or the first port number in the range of external ports. | N/A
2ndlocalportno | The second internal TCP or UDP port number in the range of external ports to be used if you have specified a localportno. | N/A
Example
--> nat add resvmap rm1 globalip extinterface 192.168.68.68 10.10.10.10 tcp 25
See also
NAT ENABLE
NAT LIST GLOBALPOOLS
NAT STATUS
SECURITY LIST INTERFACES

4.4.5.1.10 NAT ADD RESVMAP GLOBALIP
Syntax
NAT ADD RESVMAP <name> GLOBALIP <interfacename> <globalip> <internalip> {ICMP|IGMP|IP|EGP|RSVP|OSPF|IPIP|ALLGRE|Protocol<number>}
Description
This command maps an IP address from a global pool (created using the NAT ADD
GLOBALPOOL command) to an individual IP address inside the network. NAT translates
packets between the outside IP address and the individual host based on the transport
information given in this command.
Note:
Before you can add reserved mapping, you must enable a NAT object using the command NAT ENABLE.
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).
Option | Description | Default Value
--------------------------------------------------------------------
name | An arbitrary name that identifies a reserved mapping configuration. It can be made up of one or more letters or a combination of letters and digits, but it cannot start with a digit. | N/A
interfacename | The name of an existing security interface (external or DMZ) created and connected to an inside interface (DMZ or internal) using the NAT ENABLE command. To display security interfaces, use the SECURITY LIST INTERFACES command. | N/A
globalip | The IP address of an outside interface set using the NAT ADD GLOBALPOOL command. | N/A
internalip | The IP address of an individual host inside the network (internal or DMZ interface type). | N/A
icmp | Internet Control Message Protocol (ICMP) is set as the transport type. ICMP messages are used for out-of-band messages related to network operation or mis-operation. See . | N/A
igmp | Internet Group Management Protocol (IGMP) is set as the transport type. Allows Internet hosts to participate in multicasting. See . | N/A
ip | Internetwork Protocol (IP). Provides all of the Internet’s data transport services. and | N/A
egp | Exterior Gateway Protocol (EGP). Protocol for exchanging routing information between autonomous sys- | N/A
gre | Generic Routing Encapsulation (GRE). Tunneling protocol developed by Cisco that can encapsulate a wide variety of network layer protocol packet types inside IP Tunnel See . | N/A
