< Home

public-ip destination match enable (traffic policy view)

Function

The public-ip destination match enable command enables the public IP address matching function in NAT Server scenarios.

The undo public-ip destination match enable command disables the public IP address matching function in NAT Server scenarios.

Format

public-ip destination match enable

undo public-ip destination match enable

Parameters

None

Views

Traffic policy view

Default Level

2: Configuration level

Usage Guidelines

By default, this function is disabled.

For example, the original server IP address is 10.1.1.1. After NAT Server is configured, the private IP address is mapped to the public IP address 1.1.1.1. By default, the FW uses its private IP address 10.1.1.1 to match the destination IP address in a traffic policy. After the public IP address matching function is enabled, the FW will use its public IP address 1.1.1.1 to match the destination IP address in a traffic policy.

This function changes only the traffic policy matching mechanism. In actual scenarios, you must set a specific public IP address as the destination IP address of a traffic policy.

Example

# Enable the public IP address matching function in NAT Server scenarios.

<sysname> system-view
[sysname] traffic-policy
[sysname-policy-traffic] public-ip destination match enable
Parent Topic: Traffic Policy Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >