Specifications
SSR Command Line Interface Reference Manual 465
nat create dynamic
A list of IP addresses, separated by spaces and enclosed in quotation marks
Note: Do not specify more than 64K global addresses.
matches-interface <interface>
Specifies the interface to use for multiple global pools.
enable-ip-overload
Enables Port Address Translation (PAT) if no global addresses are available from
the pool. This allows many local addresses to be bound to a single global address
using port numbers 1024 through 4999 (port numbers are not configurable). With
PAT, multiple IP addresses can map to a single IP address with multiple numbers.
Note: Protocols like ICMP do not work with the enable-ip-overload option. Thus, the
ping command will not work if this option is used.
Restrictions
None.
Examples
To configure address pools for dynamic address bindings, first configure the ACL that
corresponds to the local IP address pool. In the following example, the ACL ‘lcl’
corresponds to IP addresses from 10.1.1.1 to 10.1.1.254:
Then, specify this ACL for the local IP address pool for dynamic address bindings with
global addresses 136.1.1.1 to 136.1.1.254:
The following examples show the use of Port Address Translation, where the global pool
consists of only two specified IP addresses. In the following example, the ACL ‘lcl’
corresponds to IP addresses from 10.1.1.1 to 10.1.1.254:
Then, specify this ACL for the local IP address pool for dynamic address bindings with
global addresses 136.1.1.1 and 136.1.1.2 with Port Address Translation enabled:
ssr(config)# acl lcl permit ip 10.1.1.0/24
ssr(config)# nat create dynamic local-acl-pool lcl global-pool
136.1.1.0/24
ssr(config)# acl lcl permit ip 10.1.1.0/24
ssr(config)# nat create dynamic local-acl-pool lcl global-pool
136.1.1.1-136.1.1.2 enable-ip-overload