[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Statically Assigning NAT Addresses from a Dynamic Pool

On a Services Router you can statically assign addresses from a pool that is being used for dynamic NAT. This approach enables you to advertise one subnet representing the NAT pool and use addresses within the subnet for static rules. However, you cannot reuse these statically assigned addresses for dynamic assignment.

Note: The addresses assigned statically from the dynamic pool can be used only for source static NAT and not for destination static NAT.

The example in this section shows how to create two pools—static-pool and dynamic-pool—and statically assign NAT addresses from a dynamic NAT pool with the terms described in Table 87.

Table 87: Sample Terms for Statically Assigned NAT Addresses

Term

Purpose

static-pool-term

Statically assigns addresses to translate the source address 10.10.10.2. The translated address is an address within the static pool 121.0.1.10 through 121.0.1.12. This static pool is a subnet from the dynamic pool.

dynamic-pool-term

Dynamically assigns addresses for translation of source addresses of all addresses not specified in static-pool-term. The translated address is within the dynamic pool 121.0.1.0/24. The addresses 121.0.1.10, 121.0.1.11 and 121.0.1.12 (reserved for the static pool) are excluded from the dynamic pool.

To statically assign NAT addresses from a dynamic pool:

  1. Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
  2. Perform the configuration tasks described in Table 88.
  3. Apply the NAT configuration to an interface. See Applying NAT to an Interface.

Table 88: Statically Assigning NAT Addresses from Dynamic NAT Pool

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the Nat level in the configuration hierarchy.
  1. In the J-Web interface, select Configuration>View and Edit>Edit Configuration.
  2. Next to Services, click Configure or Edit.
  3. Next to Nat, click Configure or Edit.

From the [edit] hierarchy level, enter

edit services nat

Define dynamic-pool and assign it an address to be used for network address translation.
  1. Next to Pool, click Add new entry.
  2. In the Pool Name box, type dynamic-pool.
  3. Next to Address, click Add new entry.
  4. In the Prefix box, type 121.0.1.0/24.
  5. Click OK twice.

Set the NAT pool name and the address:

set pool dynamic-pool address 121.0.1.0/24

Define static-pool and assign it an address range to be used for network address translation.
  1. Next to Pool, click Add new entry.
  2. In the Pool Name box, type static-pool.
  3. Next to Address range, click Add new entry.
  4. In the High box, type 121.0.1.12.
  5. In the Low box, type 121.0.1.10.
  6. Click OK.

Set the NAT pool name and the address range:

set pool static-pool address-range low 121.0.1.10 high 121.0.1.12

Define static-in-dynamic-rule and set its match direction.
  1. On the Nat page, next to Rule, click Add new entry.
  2. In the Rule name box, type static-in-dynamic-rule.
  3. From the Match direction list, select input.

Set the rule name and its match direction:

set rule static-in-dynamic-rule match-direction input

Define static-pool-term for static-in-dynamic-rule and specify its match condition—source address 10.10.10.2.

  1. On the Rule page, next to Term, select Add new entry.
  2. In the Term name box, type static-pool-term.
  3. Next to From, click Configure.
  4. Next to Source Address, click Add new entry.
  5. From the Address list, select Enter Specific Value.
  6. In the Prefix box, type 10.10.10.2.
  7. Click OK twice.

Set the term name and its match condition:

set rule static-in-dynamic-rule term static-pool-term from source-address 10.10.10.2

Specify the referenced pool for static-pool-term and set its action—translation type as source static.
  1. Next to Then, select Configure.
  2. From the Designation list, select Translated.
  3. Next to Translated, click Configure.
  4. From the Source pool choice list, select Source pool.
  5. In the Source pool box, type static-pool.
  6. Click OK.

Set the pool and action for the term:

set rule static-in-dynamic-rule term static-pool-term then translated source-pool static-pool translation-type source static

Define dynamic-pool-term for static-in-dynamic-rule. Specify the pool to be used for address translation and the term’s action—to dynamically assign addresses for source address translation.

The action is taken on packets not matching static-pool-term.
  1. Next to Term, click Add new entry.
  2. In the Term name box, type dynamic-pool-term.
  3. Next to Then, click Configure.
  4. From the Designation list select Translated.
  5. Next to Translated, click Configure.
  6. From the Source pool choice list, select Source pool.
  7. In the Source pool box, type dynamic-pool.
  8. From the Source translation type list, select dynamic.
  9. Click OK.

Set the name of the term, its reference pool and its translation type:

set rule static-in-dynamic-rule term dynamic-pool-term then translated source-pool dynamic-pool translation-type source dynamic

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

[an error occurred while processing this directive]