Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 01-Port Mapping and NAT Hairpin Configuration Examples | 198.68 KB |
Contents
Use the version (V) for more information about the detailed introduction.
Configuration: Set Up Internet on a Router
Introduction
This document explains how to configure router port mapping + NAT hairpin. For more information about NAT hairpin, refer to the relevant sections.
When both external network users (such as traveling employees) and internal corporate network users need to access an internal network server using an external network address', this can be achieved by configuring port mapping' (that is, in the Web 'management (Mgmt) interface, under NAT settings port mapping) and NAT hairpin (in the Web management (Mgmt) interface', under NAT settings - Advanced Settings - NAT hairpin function').
Prerequisites
This document is not restricted to specific software or hardware versions. Procedures and information in the examples might be slightly different depending on the software or hardware version of the device.
The configuration examples were created and verified in a lab environment, and all the devices were started with the factory default configuration. When you are working on a live network, make sure you understand the potential impact of every command on your network.
This document assumes you are familiar with NAT configuration -port mapping features and NAT configuration - advanced settings - NAT hairpin features. For more information about these topics, please refer to the relevant sections.
Use the version (V) for more information about the detailed introduction.
This configuration example was performed and qualified on the MSR3610-X1 router, ESS 6749L13 version.
Example configuration
Networking requirements
As shown in Figure 1, the Router serves as the enterprise's exit gateway, connecting to the Internet via the WAN1 interface. The WAN1 interface uses a static connection mode, with an IP address of 20.1.1.2/24 and a gateway address of 20.1.1.1.
External users and internal corporate network users need to access the OA server on the internal network using the WAN1 IP address and a port. Therefore, configure port mapping' and NAT hairpin function' on the Router.
The information for the OA server is as follows:
· Protocol type: TCP
· Enter 192.168.1.2 in the IP address field.
· Internal port: 80
Figure 1 Port Mapping + NAT Hairpin Typical Configuration Network Diagram
Procedure Configuration
Configuration: Set Up Internet on a Router
In this example, the external network operates in a single WAN scenario, with the WAN interface using a fixed address connection mode. The configuration procedure is as follows:
1. Select Network Settings > WAN Configuration in the device's Web management (Mgmt) interface navigation bar to access the WAN configuration page.
2. Under the Scenario Definition tab, select the single WAN scenario and click the Apply button to activate the configuration.
Figure 2 Configure WAN scenarios.
3. Click the WAN Configuration tab to access the WAN configuration page.
4. Click the edit icon in the operation column for the WAN1 interface to access the WAN configuration modification page.
5. In the Connection Mode configuration item (CI), select a fixed address.
6. Enter 20.1.1.2 in the IP address field.
7. Enter 255.255.255.0 in the subnet mask configuration item field.
8. Enter 20.1.1.1 in the gateway address field.
9. Enable the NAT address translation configuration item (CI) at the designated location.
10. Keep other parameters at their default settings and click OK to save the configuration.
Figure 3 Set up the WAN1 interface for Internet connection.
Configure port mapping.
In this example, only the web service of the server is being mapped, so select a custom port number and keep the starting and ending port numbers the same. It is recommended to use port numbers of 10000 or higher.
1. In the device's Web Mgmt interface, select Network Settings > NAT Configuration to access the NAT configuration page.
2. Under the port mapping tab, click the Add button to enter the Add NAT Port Mapping page.
3. At the interface configuration item, select the current interface WAN1.
4. In the protocol type, select TCP. For more information about TCP, refer to the related documentation.
5. At the External Address configuration item, select the current interface IP address.
6. In the External Port configuration item, select Custom Port and enter 10000 for both the starting and ending port number; port ID configuration items.
7. Enter 192.168.1.2 in the Internal Address configuration item, which is the IP address of the internal network OA server.
8. In the Internal Port configuration item, enter 80 for the starting port number.
9. Click OK.
Figure 4 Add NAT port mapping
Set up NAT hairpinning.
|
|
NOTE: In this example, all other PCs in the intranet belong to VLAN1, so it is necessary to assign VLAN1 to the active interface for NAT hairpinning. For more information about NAT hairpinning, refer to the relevant documentation. |
The configuration procedure is as follows:
1. In the device's Web management interface, select Network Settings > NAT Configuration to access the NAT configuration page.
2. Click the Advanced Configuration tab to access the advanced configuration page.
3. Enable the NAT hairpin function by selecting the appropriate option.
4. Click the Apply button to complete the configuration.
Figure 5 Enable the NAT Hairpin function.
Verifying the configuration
External and internal network users can access the corporate intranet OA server page by entering http://20.1.1.2:10000 in their browser after successful configuration qualification
