Got it
Huawei Enterprise Support Community
Community Forums Security
Understand Firewall NAT S...

Understand Firewall NAT Server & Source NAT Using the WEB - In Practice

Latest reply: Feb 23, 2022 06:45:50 342 21 22 0 1
View the author 1#

Understand Firewall NAT Server & Source NAT Using the WEB - In Practice


Hello guys!


Today, I would like to present an introduction to Firewall NAT Server & Source NAT in practice.


About This Experiment


After NAT is configured on the firewall connecting an intranet to the Internet, multiple users on the intranet can access the Internet at the same time by using a small number of public IP addresses. In addition, users on the Internet can access the intranet server through specific IP addresses.


Objectives:


  • Understand the application scenario and mechanism of Source NAT.

  • Understand the application scenario and mechanism of NAT Server.

  • Configure NAT Server and Source NAT on the WEB and web UI.


Experiment Networking


1

Figure 1 - Topology for configuring NAT Server and Source NAT on a firewall



Experiment Planning


Configuration Procedure on the Web UI


Step 1 Configure interfaces on the USG.


Choose Network > Interface. Click edit next to the interface to be configured. Set parameters, and then click OK. The following figure shows the configuration of GigabitEthernet1/0/6.


2



The configuration of GigabitEthernet1/0/5 is similar.


3


Step 2 Configure a security policy on the USG to permit packets from the Trust zone to the Untrust zone.


Choose Policy > Security Policy > Security Policy. Click Add. Set the parameters one by one. Click OK. The following figure shows the security policy that permits packets from the Trust zone to the Untrust zone.


4

5


Step 3 Configure a NAT address pool. The public IP addresses range from 2.2.2.2 to 2.2.2.5.


Choose Firewall > NAT > Source NAT. Click the Source Translation Address Pool tab. Click +. The following figure shows the configuration. After the configuration is complete, click OK.


4

5


Step 4 Configure a NAT policy.


Choose Policy > NAT Policy > Source NAT. Click the Source NAT tab. In Source NAT Policy List, click +. Set the parameters shown in the following figure and click OK.


3

4


Verification


Checking the Ping Result and Firewall Session Table

Ping PC2 from PC1.


8


11


With that our practical example was completed.


Cheers,


NATSourceDestination

Like (22) Dislike (0) Favorite(1) Share Report
Previous: USG6510E external Management connection
Next: BlueBorne Attack
(1) (0)
2#
chenhui
Admin Created Dec 30, 2021 00:54:01

Hi,

For more details about the source NAT, you can also refer to Source NAT mode of USG firewall.
View more
  • x
  • convention:

andersoncf1
andersoncf1 Created Dec 31, 2021 16:43:31 (0) (0)
Thanks Master!  
Saqibaz
Saqibaz Created Feb 23, 2022 06:45:32 (0) (0)
Thanks  
(1) (0)
3#
Nikica
Created Dec 30, 2021 06:57:33

Good share
View more
  • x
  • convention:
(0) (0)
4#
faysalji
Author Created Jan 10, 2022 12:13:06

Useful guide, thanks for sharing
View more
  • x
  • convention:
(0) (0)
5#
user_4326135
Created Jan 10, 2022 12:31:54

Very informative and useful post
View more
  • x
  • convention:
(0) (0)
6#
Saqib123
Created Jan 10, 2022 12:49:44

Thanks for sharing
View more
  • x
  • convention:
(0) (0)
7#
Diego.Silva
MVE Author Created Jan 10, 2022 13:51:48

Very informative and useful post
View more
  • x
  • convention:
(0) (0)
8#
Sara_Obaid
Created Jan 10, 2022 15:50:44

Excellent post. Thanks for sharing
View more
  • x
  • convention:
(0) (0)
9#
Herediano
Created Jan 10, 2022 22:44:11

Excellent, thank you for sharing!
View more
  • x
  • convention:
(0) (0)
10#
Kevin_Thomas
Created Jan 11, 2022 05:42:07

Excellent share. As always, keep up the good work!
View more
  • x
  • convention:
12
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.