Configure port mapping on an AR router

Configure port mapping on an AR router. Port mapping is implemented based on ACLs. The application layer protocols that port mapping supports include FTP, DNS, HTTP, SIP, PPTP, and RTSP. Generally, the application layer protocols use well-known ports for communication. Port mapping allows users to define a group of new port numbers for different application layer protocols, reducing the risk of malicious attacks on a service. Port mapping makes senses only when it is used in conjunction with service-sensitive features such as ASPF and NAT.
1. Run the port-mapping { dns | ftp | http | sip | rtsp | pptp } port port-number acl acl-number command in the system view to configure port mapping globally. A protocol can be configured with multiple mapped ports, and a port can be mapped to multiple protocols. The ports must be distinguished based on ACLs. Different mapping relationships are applied to packets matching different ACLs.
Actually, port mapping identifies protocols used by packets destined for a specific IP address (for example, WWW server). When trying to match the packets with basic ACL rules, port mapping matches the destination IP addresses in the packets with the source IP addresses defined in the ACL rules.
2. Run the display port-mapping [ dns | ftp | http | rtsp | sip | port port-number | pptp ] command to check the information about port mapping.
An example of configuring port mapping is as follows:
[Huawei] port-mapping ftp port 2121 acl 2102 //Configure port mapping on a router.
[Huawei] display port-mapping ftp //Check the configuration result.
For details about configuration of port mapping on AR routers, see the URL: AR router configuration port-mapping .

Scroll to top