Cisco 4700M Configuration Manual page 339

Application control engine appliance security

Chapter 5
Configuring Network Address Translation
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
OL-16202-01

To create a pool of IP addresses for dynamic NAT, use the nat-pool command in
interface configuration mode. The syntax of this command is as follows:

nat-pool pool_id ip_address1 [ip_address2] netmask mask [pat]

The keywords, arguments, and options are as follows:
pool_id—Identifier of the NAT pool of global IP addresses. Enter an integer
from 1 to 2147483647.
Note: If you configure more than one NAT pool with the same ID, the ACE
uses the last-configured NAT pool first, and then the other NAT pools.
ip_address1—Single IP address, or if also using the ip_address2 argument,
the first IP address in a range of global addresses used for NAT. Enter an IP
address in dotted-decimal notation (for example, 172.27.16.10).
ip_address2—(Optional) Highest IP address in a range of global IP addresses
used for NAT. Enter an IP address in dotted-decimal notation (for example,
172.27.16.109). You can configure a maximum of 64 K addresses in a NAT
pool.
If you specify PAT, you can configure a maximum of 32 IP addresses in a NAT
pool range. You cannot configure an IP address range across subnets. For
example, the following command is not allowed and will generate an Invalid
IP address error: nat-pool 2 10.0.6.1 10.0.7.20 netmask 255.255.255.0.
Note: The ACE allows you to configure a virtual IP (VIP) address in the
NAT pool for dynamic NAT and PAT. This action is useful when you
want to source NAT real server originated connections (bound to the
client) using the VIP address. This feature is specifically useful when
there are a limited number of real world IP addresses on the
client-side network. To perform PAT for different real servers that are
source-NATed to the same IP address (VIP), you must configure the
pat keyword in the nat-pool command.
netmask mask—Specifies the subnet mask for the IP address pool. Enter a
mask in dotted-decimal notation (for example, 255.255.255.255). A network
mask of 255.255.255.255 instructs the ACE to use all the IP addresses in the
specified range.
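
The limits listed above can be checked before a configuration is pushed to the appliance. The following Python check is an added example, not part of the Cisco guide. It assumes that "64 K" means 65536 and that a range crosses subnets when its two ends fall in different networks under any mask other than 255.255.255.255; the sample commands are constructed, apart from the disallowed one quoted above.

```python
import ipaddress

MAX_POOL_ID = 2147483647    # pool_id upper bound, from the page
MAX_POOL_ADDRS = 64 * 1024  # "64 K addresses", read as 65536 (assumption)
MAX_PAT_ADDRS = 32          # range limit when pat is specified, from the page

def check_nat_pool(line):
    """Return the problems found in one nat-pool command (empty list if none)."""
    tok = line.split()
    if len(tok) < 5 or tok[0] != "nat-pool" or "netmask" not in tok:
        return ["not a nat-pool command with a netmask"]
    nm = tok.index("netmask")
    if nm not in (3, 4) or len(tok) not in (nm + 2, nm + 3):
        return ["unexpected number of arguments"]
    pat = len(tok) == nm + 3
    if pat and tok[-1] != "pat":
        return [f"unexpected trailing keyword {tok[-1]!r}"]
    problems = []
    if not (tok[1].isdecimal() and 1 <= int(tok[1]) <= MAX_POOL_ID):
        problems.append("pool_id must be an integer from 1 to 2147483647")
    try:
        first = ipaddress.IPv4Address(tok[2])
        last = ipaddress.IPv4Address(tok[3]) if nm == 4 else first
        # strict=False: ip_address1 is a host address, not a network address
        net = ipaddress.IPv4Network(f"{first}/{tok[nm + 1]}", strict=False)
    except ValueError as exc:
        return problems + [f"bad address or mask: {exc}"]
    count = int(last) - int(first) + 1
    if last < first:
        problems.append("ip_address2 is lower than ip_address1")
    if count > MAX_POOL_ADDRS:
        problems.append("more than 64 K addresses in the pool")
    if pat and count > MAX_PAT_ADDRS:
        problems.append("more than 32 addresses in a PAT pool range")
    # Assumption: 255.255.255.255 means "use the range as given", so the
    # same-subnet check applies only to shorter masks.
    if net.prefixlen != 32 and last not in net:
        problems.append("range crosses subnets (Invalid IP address on the ACE)")
    return problems

SAMPLE = [  # constructed, except the second line, which is the page's own
    "nat-pool 1 172.27.16.10 172.27.16.41 netmask 255.255.255.255 pat",
    "nat-pool 2 10.0.6.1 10.0.7.20 netmask 255.255.255.0",
    "nat-pool 3 192.0.2.1 192.0.2.40 netmask 255.255.255.0 pat",
]

if __name__ == "__main__":
    for cmd in SAMPLE:
        print(cmd, "->", check_nat_pool(cmd) or "ok")
```
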
Configuring Dynamic NAT and PAT