9.14. Static Mappings

Static mapping provides access from the Internet to hosts or services in the internal network. There are two types of static mappings available:

IP-IP mapping

This mapping makes the internal resource fully accessible by all protocols and ports. It may be used when the resource runs applications that use ephemeral ports which are not known in advance.

IP:port-IP:port mapping

This mapping makes the internal resource accessible only by specific protocol and port. It should be used when you know exactly which port is used by an application running on the internal resource.

Commands

nat static int-ip A.B.C.D ext-ip A.B.C.D

Create a static IP-IP mapping. External IP address must already exist as part of any pool of type “NAT”.

nat static proto <tcp|udp> int-ip A.B.C.D int-port 1-65535 ext-ip A.B.C.D ext-port 1-65535

Create a static IP:Port-IP:Port mapping. External IP address must already exist as part of any pool of type “NAPT”.

show <nat|nat64> static

Display the configured static mappings.

Usage Example

  1. Create a NAT pool (see Pools section) and assign a range of the external IP addresses:

nat pool test
 range 203.0.113.1 203.0.113.127
 type nat
 enable
  1. Create a subscriber group and configure it to use this pool:

nat subscriber-group default-group
 pool test
  1. Create a NAT rule for a subnet 192.168.3.0/28:

nat rule subnet 192.168.3.0/28 subscriber-group default-group
  1. Set a static IP-IP mapping:

nat static int-ip 192.168.3.3 ext-ip 203.0.113.1
  1. Or set a static IP:Port-IP:Port mapping. The configuration for NAPT will be the same. The NAT type line will not be displayed because it is used by default:

nat static proto tcp int-ip 192.168.3.3 int-port 3 ext-ip 203.0.113.1 ext-port 171