Step 1: ACL rules
- Run the system-view command to enter the system view.
- Run the acl number 2000/3000 command to create an ACL using the number and enter the ACL view.
- Configure basic ACL rules or advanced ACL rules according to the actual situation, basic ACL 2000~2999 advanced ACL 3000~3999
Step 2: Configure the address association of the outgoing interface
- Run the system-view command to enter the system view.
- To configure the address association of the outgoing interface, the user can choose one of the configuration methods according to the actual situation. Configure NAT Outbound with an address pool: Execute the command nat address-group 1 start-address end-address to configure a public network address pool. Run the interface g0/0/0 command to enter the interface or sub-interface view. Run the nat outbound acl-number address-group 1 [ no-pat ] command to configure NAT outbound with an address pool. To configure Easy IP without an address pool: Execute the interface g0/0/0 command to enter the interface or sub-interface view. Run the nat outbound acl-number [ interface interface-type interface-number [ .subnumber ] ] [ vrrp vrrpid ] command to configure Easy IP.
Verify configuration results
Run the display nat outbound command on the Router to view the NAT result.
What are the common configuration errors of NAT?
Common misconfiguration cases avoid introducing faults during the configuration phase.
1. The host on the internal network cannot access the external network (NAT Outbound fault phenomenon)
2. The host on the internal network cannot access the external network (NAT Outbound fault phenomenon)
3. The host whose internal and external addresses overlap cannot access the external network (two NAT failures)