Chapter 5
Configuring Network Address Translation
Configuring an ACL for Static NAT and Static Port Redirection
Configuring Interfaces for Static NAT and Static Port Redirection
Configuring a Class Map
OL-16202-01
Use an access control list (ACL) to permit the traffic that requires static NAT and
port redirection. For details about configuring an ACL, see
Configuring Security Access Control
To configure an ACL for static NAT, use the access-list command in configuration
mode. The syntax of this command is as follows:
access-list name [line number] extended {deny | permit}
{protocol} {src_ip_address netmask | any | host src_ip_address}
[operator port1 [port2]] {dest_ip_address netmask | any | host
dest_ip_address} [operator port3 [port4]]
For example, enter:
host1/C1(config)# access-list acl1 line 10 extended permit tcp
10.0.0.0 255.0.0.0 eq 8080 any
To delete the ACL from the configuration, enter:
host1/C1(config)# no access-list nat_access
Configure an interface for clients and an interface for the real servers. For details,
see the Cisco 4700 Series Application Control Engine Appliance Routing and
Bridging Configuration Guide.
You can configure a traffic class for static NAT and port redirection by using the
class-map command in configuration mode. For more information about class
maps, see the Cisco 4700 Series Application Control Engine Appliance
Administration Guide.
The syntax of this command is as follows:
class-map match-any name
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
Configuring Static NAT and Static Port Redirection
Lists.
Chapter 1,
5-35