< Home

destination-zone (NAT policy rule view)

Function

The destination-zone command specifies a destination security zone in a NAT policy rule.

The undo destination-zone command deletes a destination security zone specified in a NAT policy rule.

Format

destination-zone zone-name

undo destination-zone zone-name

Parameters

Parameter Description Value
zone-name Specifies the name of a security zone. The security zone must exist. The value is a case-sensitive character string. The length of a name without spaces ranges from 1 to 32 characters. The length of a name with spaces ranges from 3 to 34 characters. If a name contains spaces, the name must be enclosed with quotation marks (for example, "user for test"). The name cannot contain any question marks (?), commas (,), or quotation marks (").

Views

NAT policy rule view

Default Level

2: Configuration level

Usage Guidelines

Either a destination security zone or a WAN interface can be specified in a NAT policy rule. If both a destination security zone and a WAN interface are configured for a NAT policy rule, the latest configuration overrides the previous one.

By default, the security zone in a NAT policy rule is set to any, and multiple security zones can be configured.

Example

# Set the destination zone to untrust in a NAT policy rule named abc.

<sysname> system-view
[sysname] nat-policy 
[sysname-policy-nat] rule name abc 
[sysname-policy-nat-rule-abc] destination-zone untrust
Parent Topic: NAT Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >