nat server protocol global unnumbered interface

Format

nat server protocol { tcp | udp | protocol-number } global unnumbered interface { interface-name | interface-type interface-number } global-protocol inside host-address host-protocol [ vpn-instance vpn-instance-name ] [ redirect ip-addr { inbound | outbound } ]

undo nat server protocol { tcp | udp | protocol-number } global unnumbered interface { interface-name | interface-type interface-number } global-protocol inside host-address host-protocol [ vpn-instance vpn-instance-name ] [ redirect ip-addr { inbound | outbound } ]

Parameters

Parameter	Description	Value
tcp	Indicates that an internal server runs TCP.	-
udp	Indicates that an internal server runs UDP.	-
protocol-number	Specifies a protocol number.	The value is an integer ranging from 1 to 255.
unnumbered	Specifies an unnumbered IP address.	-
interface interface-name	Specifies the name of an interface.	The value is a string of 1 to 31 case-sensitive characters. It cannot contain spaces.
interface-type	Specifies the type of an interface.	-
interface-number	Specifies the number of an interface.	The value is a string of 0 to 63 case-sensitive characters. It cannot contain spaces.
global-protocol	Specifies the protocol that an internal server runs to communicate with an external device. For example, the protocol can be PoP2, PoP3, or SMTP.	The value is a string of 1 to 31 case-sensitive characters. It cannot contain spaces.
inside host-address	Specifies the protocol that an internal server runs to communicate with an external device. For example, the protocol can be PoP2, PoP3, or SMTP.	The value is in dotted decimal notation.
host-protocol	Specifies the protocol that an internal server runs. For example, the protocol can be PoP2, PoP3, or SMTP.	The value is a string of 1 to 31 case-sensitive characters. It cannot contain spaces.
vpn-instance vpn-instance-name	Specifies the name of a VPN instance to which an internal server belongs.	The value is a string of 1 to 31 case-sensitive characters, spaces not supported. In addition, the VPN instance name must not be _public_. When double quotation marks are used around the string, spaces are allowed in the string.
redirect ip-addr	Specifies a redirected next-hop IP address. If traffic passing through a server has a conflicting next-hop IP address, configure this parameter so that the traffic is redirected to a specified next-hop IP address.	The value is in dotted decimal notation.
inbound	Redirects user-to-network packets to a next hop.	-
outbound	Redirects user-to-network packets to a next hop.	-

Views

System view

Default Level

2: Configuration level

Task Name and Operations

Task Name	Operations
nat	write

Usage Guidelines

Usage Scenario

On an enterprise network, an interface address must be different from that in a NAT address pool. As public IP addresses are limited, enterprise users have to expand the number of public IP addresses. An internal server can be configured to reuse an interface address to help the enterprise users to lower the cost in applying for public IP addresses.

Precautions

NAT ALG does not take effect on protocol packets that match port-level NAT internal server mappings.

Example

# Configure an internal server running TCP to use the IP address of GE 0/1/1 in a simplified NAT instance.

<HUAWEI> system-view
[~HUAWEI] interface GigabitEthernet0/1/1
[~HUAWEI-GigabitEthernet0/1/1] ip address 10.10.1.0 255.255.255.0
[~HUAWEI-GigabitEthernet0/1/1] commit
[~HUAWEI-GigabitEthernet0/1/1] quit
[~HUAWEI] nat instance cpe1 id 1 simple-configuration
[~HUAWEI-nat-instance-cpe1] commit
[~HUAWEI-nat-instance-cpe1] quit
[~HUAWEI] nat server protocol tcp global unnumbered interface GigabitEthernet 0/1/1 11 inside 10.10.1.1 13