Operation Manual – NAT, Netstream, Policy RoutingH3C S7500 Series Ethernet Switches Chapter 1 NAT Configuration1-6Task RemarksConfiguring Non-Standard Internal FTP Server RequiredConfiguring NAT Blacklist RequiredConfiguring NAT Connection Aging Time OptionalConfiguring NAT Security Logging Optional1.3.2 Configuring a NAT Address PoolA NAT address pool is a set of consecutive public IP addresses. During addresstranslation, the NAT server selects an IP address from the address pool as thetranslated source address. You can use the nat address-group command to configurean address pool.Follow these steps to configure a NAT address pool:To do… Use the command… RemarksEnter system view system-view —Configure a NAT addresspoolnat address-group group-numberstart-addr end-addr RequiredCaution:z A NAT address pool can contain at most 256 IP addresses.z The IP addresses in a NAT address pool cannot be overlapped with the internalnetwork addresses.z A NAT address pool cannot contain any subnet or broadcast address.z You cannot delete an address pool that has been associated with an ACL.1.3.3 Configuring NATBy associating an ACL to a NAT address pool (or an interface address), you can makethe NAT server perform address translation for packets matching the ACL beforeforwarding the packets at Layer 3, and directly forward the packets that do not matchthe ACL without address translation. Before a packet from your internal network isforwarded to any external network, it is first checked against the ACL. If it matches theACL, the NAT process uses the address pool or the interface address associated withthe ACL to translate the packet.