Whether the USG2000 series can map ports after the nat server command is executed

17

USG2000 series cannot map ports after the nat server command is executed.

Other related questions:
Whether the USG2000 series support batch configuration for server mapping
Not supported

Whether UDP can be specified for NAT Server configured for the USG2000 and USG5000 series
You can configure the UDP port mapping when configuring NAT Server for the USG2000 and USG5000 series. The configuration method is the same as that for TCP port mapping. [USG]nat server protocol udp global 1.1.1.1 10000 inside 2.2.2.2 10000 [USG]disp nat server id : 3 zone : --- interface : --- global-start-addr : 1.1.1.1 global-end-addr : --- inside-start-addr : 2.2.2.2 inside-end-addr : --- global-start-port : 10000(hwcc) global-end-port : --- insideport : 10000(hwcc) globalvpn : public insidevpn : public protocol : udp vrrp : --- no-reverse : no

Whether the intranet servers can use the same port number to access the external network after experiencing the NAT on the USG2000, USG5000, and USG6000
Can the intranet servers use the same port number to access the external network after experiencing the NAT on the USG2000, USG5000, and USG6000? No.

After the NAT server based on the IP address and port number is configured, the mapping takes ineffective
After the NAT server is configured based on the IP address and port number, the mapping takes ineffective. Perform the following operations to locate the fault: 1. Access the internal server to determine whether the internal server can communicate. 2. Check whether there are reachable routes between the device configured with the NAT server and the external host and internal server. 3. Check whether the NAT server configuration is correct. 4. Check whether the mapped external port number is available, and replace the external port to check whether the internal server can be accessed. 5. Run the display nat session command on the device configured with the NAT server to check whether there are entries before and after mapping. Obtain packets and check whether addresses in packets for access of external users are translated on the device configured with the NAT server.

How to locate the mapping failure problem after the NAT server based on the IP address and port number is configured on an AR
After the NAT server based on IP address + port number mapping, the mapping fails. Use the following method: 1. Check whether the internal network server can be accessed. You can access the internal server through the intranet. 2. Check whether there are reachable routes from the external host and internal server to the NAT server. 3. Check whether the NAT server is correctly configured. 4. Check whether the mapped external port number is available. Replace the external port to determine whether you can access the internal server. 5. Run the display nat session command on the NAT server to check whether there are entries before and after mapping, and obtain packets to check whether the NAT server translates the address of data packets of external user access.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top