Zhone 5100 Guide D’Exploitation
CHAPTER 3
Interfaces
Interfaces
94
Vpacket 5100/6100 Series Reference Manual
Viewing NAT port maps
You can view all configured NAT port map entries in the 5100/6100 VDR by issuing the show
nat port_map command.
Syntax: show nat port_map
Example:
Syntax: show nat port_map
Example:
In this example, one NAT entry is displayed. The entry maps TCP packets addressed to the
HTTP web server (see Figure 3-1 on page 54 ) at IP address 10.10.10.2 from the outside port 80
to an inside port 2280.
Adding a static IP mapping for NAT
The static IP NAT mapping allows the user to define a IP address mapping between a private and
a public IP address. The private IP address is been seen on the Ethernet port and the public IP
address is been seen on the WAN side. Both IP addresses needs to be different from the IP
addresses of the VDR. The public IP address can not be the WAN IP address or the LAN IP
address. A packet received on the WAN side with the destination IP address of the outside static
IP mapping configuration is forwarded to the Ethernet side by changing the destination IP
address to the configured inside IP address.
This feature may be viewed as a larger extension of the port mapping feature. The major
This feature may be viewed as a larger extension of the port mapping feature. The major
differences between port mapping and static mapping are:
•
•
Port mapping does not need an additional “outside” IP address. Static mapping does.
•
In port mapping, only traffic directed to specific ports on the 5100/6100 VDR’s WAN IP
address are forwarded to the internal host. In case of static mapping, all traffic directed at any
port of the VDR’s “outside” IP is forwarded to the “inside” IP address.
address are forwarded to the internal host. In case of static mapping, all traffic directed at any
port of the VDR’s “outside” IP is forwarded to the “inside” IP address.
This feature may be used to open a “transparent” pipe to a host on the Ethernet subnet, where
complete access to the host is required, and specifying individual port maps is not feasible.
VPacket# show nat port_map
Number of Port Mappings defined: 1
Outside Inside Inside
Protocol Port Address Port - Optional
tcp 80 10.10.10.2 2280
VPacket#