nat port range
Function
The nat port range command specifies the range of ports after NAT is performed.
The undo nat port range restores the default port range of 2048 to 65535.
This command is effective only for PAT and 3-tuple-NAT. For port pre-allocation or static mapping, this command is not effective.
Parameters
| Parameter | Description | Value |
|---|---|---|
begin-port |
Specifies the start public port number. |
The value is an integer ranging from 2048 to 65535. Default Value is 2048. |
end-port |
Specifies the end public port number. |
The value is an integer ranging from 2048 to 65535. Default Value is 65535. NOTICE:
The number of ports cannot be smaller than 2048. If the value of begin-port is set to 2048, the value of end-port cannot be smaller than 4096. A narrow port range may affect services. It is recommended that the range is not smaller than 10000. |
Usage Guidelines
In dual-system hot backup load balancing mode, if the port ranges of the NAT address pools are specified on both FWs using the hrp nat resource { primary-group | secondary-group } command, and the post-NAT port range is configured using the nat port range command, the FW on which the hrp nat resource primary-group command is executed uses first half of the specified post-NAT port range, and the device on which the hrp nat resource secondary-group command is executed uses the second half. For example, the configured port range is from 10000 to 30000. The device on which the hrp nat resource primary-group command is executed uses ports 10000 to 20000, and the device on which the hrp nat resource secondary-group command is executed uses ports 20001 to 30000.
Only the USG6530E,USG6515E/6550E/6560E/6580E, USG6525E/6555E/6565E/6575E-B/6585E/6605E-B, USG6610E/6620E, USG6615E/6625E and USG6630E/6650E support this command.