CX911 port mapping configuration

1

For details, see Configuring the Port Mapping in the CX911 User Guide.
CX911 User Guide:
? C00 version:
http://support.huawei.com/enterprise/en/doc/DOC1000015894/?idPath=7919749|9856522|21782478|19955021|19961380
? C10 version:
http://support.huawei.com/enterprise/en/doc/DOC1000036341/?idPath=7919749|9856522|21782478|19955021|19961380

Other related questions:
Compatibility between E9000 switch modules and subcards of blades
For details about the mapping between the E9000 switch modules and the mezzanine cards of the blades, see http://support.huawei.com/huaweiconnect/enterprise/thread-268293.html.

Whether the CX911 supports GE or 10GE ports
The CX911 supports 10GE optical ports. The ports adapt to GE ports. The supported ports are as follows: ? 10GE switching plane: 32 x 10GE downlink ports (each half-width slot: 2 x 10GE) and 16 x 10GE uplink optical ports ? FC switching plane: 12 x FCoE downlink ports connected to slots 1 to 12, 4 x FC downlink ports connected to slots 13 to 16, and 8 x 8G FC uplink ports

E9000 switch module configuration assistant
Go to Link.

How to configure all-port mapping on the AR

Procedure

# Configure the NAT server on a public network interface to map all TCP ports with public IP address 1.1.1.1 to all ports with private IP address 192.168.0.1.

<Huawei> system-view
[Huawei] interface gigabitethernet 1/0/0
[Huawei-GigabitEthernet1/0/0] nat server protocol tcp global 1.1.1.1 inside 192.168.0.1

More information

If an enterprise has two or more allocatable public IP addresses and an internal server needs to provide services for public network users, all-port mapping can be configured for one public IP address. If you do not specify the range of port numbers open to public network users in the nat server command, all ports of the internal server are mapped to the same public IP address. That is, the server provides all types of services to public network users using all ports with the public IP address. If the IP address of a public network interface is used to provide services to public network users, configuring all-port mapping on this interface will cause failures of public network users to access the web interface or other services on the AR router, because all port numbers associated with the IP address are mapped to the internal server. Therefore, if only one public IP address is available, you are advised to configure mapping of specific port numbers. All-port mapping allows multiple ports to be mapped at one time, but this configuration lowers the network security because all ports are open to the public network.
Configure port mapping on an AR router

Configure port mapping on an AR router. Port mapping is implemented based on ACLs. The application layer protocols that port mapping supports include FTP, DNS, HTTP, SIP, PPTP, and RTSP. Generally, the application layer protocols use well-known ports for communication. Port mapping allows users to define a group of new port numbers for different application layer protocols, reducing the risk of malicious attacks on a service. Port mapping makes senses only when it is used in conjunction with service-sensitive features such as ASPF and NAT. 1. Run the port-mapping { dns | ftp | http | sip | rtsp | pptp } port port-number acl acl-number command in the system view to configure port mapping globally. A protocol can be configured with multiple mapped ports, and a port can be mapped to multiple protocols. The ports must be distinguished based on ACLs. Different mapping relationships are applied to packets matching different ACLs. Actually, port mapping identifies protocols used by packets destined for a specific IP address (for example, WWW server). When trying to match the packets with basic ACL rules, port mapping matches the destination IP addresses in the packets with the source IP addresses defined in the ACL rules. 2. Run the display port-mapping [ dns | ftp | http | rtsp | sip | port port-number | pptp ] command to check the information about port mapping. An example of configuring port mapping is as follows: [Huawei] port-mapping ftp port 2121 acl 2102 //Configure port mapping on a router. [Huawei] display port-mapping ftp //Check the configuration result. For details about configuration of port mapping on AR routers, see the URL: AR router configuration port-mapping .

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top