9.14. Static Mappings¶
Static mapping provides access from the Internet to hosts or services in the internal network. There are two types of static mappings available:
- IP-IP mapping
This mapping makes the internal resource fully accessible by all protocols and ports. It may be used when the resource runs applications that use ephemeral ports which are not known in advance.
- IP:port-IP:port mapping
This mapping makes the internal resource accessible only by specific protocol and port. It should be used when you know exactly which port is used by an application running on the internal resource.
- nat static int-ip A.B.C.D ext-ip A.B.C.D¶
Create a static IP-IP mapping. External IP address must already exist as part of any pool of type “NAT”.
- nat static proto <tcp|udp> int-ip A.B.C.D int-port 1-65535 ext-ip A.B.C.D ext-port 1-65535¶
Create a static IP:Port-IP:Port mapping. External IP address must already exist as part of any pool of type “NAPT”.
- show <nat|nat64> static¶
Display the configured static mappings.
9.14.1. Usage Example¶
Create a NAT pool (see Pools section) and assign a range of the external IP addresses:
nat pool test range 203.0.113.1 203.0.113.127 type nat enable
Create a subscriber group and configure it to use this pool:
nat subscriber-group default-group pool test
Create a NAT rule for a subnet 192.168.3.0/28:
nat rule subnet 192.168.3.0/28 subscriber-group default-group
Set a static IP-IP mapping:
nat static int-ip 192.168.3.3 ext-ip 203.0.113.1
Or set a static IP:Port-IP:Port mapping. The configuration for NAPT will be the same. The NAT type line will not be displayed because it is used by default:
nat static proto tcp int-ip 192.168.3.3 int-port 3 ext-ip 203.0.113.1 ext-port 171