Basics

NAT root context

All commands related to NAT configuration must be entered in the NAT context, or one of its sub-contexts.

router{conf:myconfig}nat

Displaying NAT configuration

To display information about NAT context, the following commands can be used:

router{conf:myconfig}display nat

or

router{conf:myconfig-nat}display
    # NAT STATEMENTS

    # NAT PUBLIC INTERFACES
      public interface eth2_0
        nat enable

      # DYNAMIC MAPPINGS
        dynamic 10 192.168.1.0/24 passthrough
        dynamic 20 192.168.2.0/24 to 10.1.2.3
        dynamic 30 0.0.0.0/0 to 10.1.2.4 port-range 10000-20000

      # STATIC MAPPINGS
        static 10 protocol tcp public 10.1.2.3:8080 private 192.168.2.254:80

      public interface eth3_0
        nat enable

      # DYNAMIC MAPPINGS
        dynamic 10 0.0.0.0/0 to primary-address

      # STATIC MAPPINGS

    # NAT timeouts
      nat tcp timeout time-wait 120
      nat udp timeout mapping 30
      nat udp timeout stream 180
      nat icmp timeout query-session 30

    # LOG
router{conf:myconfig-nat}