Specifications
nat create dynamic
464 SSR Command Line Interface Reference Manual
nat create dynamic
Purpose
Defines local and global IP address pools for dynamic address binding.
Format
nat create dynamic local-acl-pool <local-acl> global-pool <ip-addr/ip-addr-range/ip-addr-
list> [matches-interface <interface>] [enable-ip-overload]
Mode
Configure
Description
The nat create dynamic command lets you specify the local-acl pool and global IP address
pool that are to be used for dynamic address binding. With dynamic address translation,
IP address bindings last only until the data flow ages out or the dynamic binding is
manually deleted. Global IP addresses defined for dynamic translation are reassigned
whenever they become free. The local address pool for dynamic bindings are defined via
an ACL profile, while the global address pool must be specified as a single IP address, an
address range, an IP address and mask, or an IP list. You can also specify multiple global
pools for the same local-acl pool, if you have more than one connection to the Internet on
different interfaces.
Parameters
local-acl-pool <local-acl>
The ACL that corresponds to the local IP address pool. The ACL may contain
either permit or deny keywords. Note that only the source IP address information
in the ACL is used; other ACL parameters are ignored.
global-pool <ip-addr/ip-addr-range/ip-addr-list>
The global address pool, defined in one of the following ways:
Asingle IP address in the form a.b.c.d
An IP address range in the form 10.10.1.1-10.10.1.50
IP address and mask in the form 1.2.0.0/255.255.0.0 or 1.2.3.0/16