Do one of the following:

1. To configure NAT on a base routing instance, in the navigation tree Routing view, expand Network→NE→Routing Instance. Right-click on a routing instance icon that has a NAT configuration and choose Properties. The Routing Instance (Edit) form opens.

2. To configure NAT on a VPRN routing instance, choose Manage→Service→Services from the NFM-P main menu. The Manage Services form opens. Choose a VPRN service and click Properties. The VPRN Service (Edit) form opens. On the service navigation tree, expand the Sites icon. Right-click on a routing instance icon that has a NAT configuration and choose Properties. The Routing Instance (Edit) form opens.

Click on the NAT tab.

Click Create or select an existing entry and click Properties. The NAT Configuration form (Create|Edit) opens.

Click on the Hints button at the bottom of the form to display information about the various NAT components and options available.

Configure the MTU parameter.

Click Select to assign any of the following types of ACL IP filter policy:

• Upstream IPv4 Filter

• Downstream IPv4 Filter

• Upstream IPv6 Filter

• Downstream IPv6 Filter

See To configure an ACL IP filter policy for information about configuring an ACL IP filter policy.

Configure one or more NAT pools.

Perform the following steps:

1. Click Create or select an existing entry and click Properties. The NAT Pool form (Create|Edit) appears.

2. Configure the required parameters.

   The Deterministic NAT Port Reservation and Port Forwarding Dynamic Block Reservation parameters are mutually exclusive. If one is configured, the other is disabled. The Port Forwarding Dynamic Block Reservation parameter applies only to large scale NAT pools.

   The Application Agnostic parameter can only be configured at NAT pool creation time. When a NAT pool is configured as application-agnostic, the Subscriber Limit, Deterministic NAT Port Reservation, Port Forwarding Dynamic Block Reservation, Pool Mode, Port Reservation (Type and Value), and Port Forward Range End parameters are pre-configured and cannot be changed.

   If the NAT Pool Type parameter is set to L2–aware, you can configure the External Assignment parameter, if required.

3. If the NAT pool belongs to a PFSG, click Select in the Redundancy panel to assign a lead NAT pool for the PFSG.

4. Select an ISA-NAT group for the NAT pool. See To configure an ISA-NAT group for information about configuring a ISA-NAT group.

5. Click on the NAT Pool Ranges tab.

6. Click Create or select an existing entry and click Properties. The Pool Range form (Create|Edit) opens.

7. Configure the required parameters.

8. Save your changes and close the forms. The NAT Configuration form reappears.

Click on the Inside tab.

Perform the following steps:

1. In the Deterministic NAT panel, select a NAT policy.

   Note:

   The NAT policy you choose must be distributed to the local NE, and the local definition of the NAT policy must be configured with a NAT pool.

2. Click Select to choose a NAT policy, as required. If you select a NAT policy, the NAT 64 Enabled parameter also becomes configurable, if required.

3. Click Select to choose a Downstream IPv4 filter, as required.

4. If a RADIUS Proxy Server is in use, click Select in the RADIUS Proxy Server panel and choose the following:

   • routing instance

   • RADIUS proxy server; see To configure a RADIUS proxy server on a routing instance. The selection of the RADIUS Proxy Server Name is dependent on the selected routing instance. You can only select servers enabled for accounting.

5. In the RADIUS Vendor Information panel select a RADIUS attribute type.

6. In the DNAT Only panel, select a DNAT source prefix list.

Click on the L2 Aware IP Addresses tab to configure IP addresses for L2-aware NAT forwarding.

Perform the following steps:

1. Click Create or choose an existing entry and click Properties. The L2 Aware IP Address, Routing Instance (Create|Edit) form opens.

2. Configure the required parameters.

3. Save your changes and close the form. The NAT Configuration form reappears.

Click on the DS Lite Address tab to configure DS Lite addresses.

In order to assign DS Lite Addresses, you must assigned a NAT policy in Step 8.

1. Click Create or choose an existing entry and click Properties. The Dual Stack Lite Address (Create|Edit) form opens.

2. Configure the required parameters.

   If address IP fragmentation is enabled, the Tunnel MTU parameter value must be equal to or greater than 1232 bytes.

3. Save your changes and close the form. The NAT Configuration form reappears.

Click on the NAT 64 tab to configure NAT 64.

In order to configure NAT 64, you must enable the NAT 64 Enabled parameter in Step 8.

1. Configure the Subscriber Prefix Length parameter.

2. If the Administrative State parameter is set to Out Of Service, you can configure the required parameters.

   Bits 64 to 71 of the NAT Destination Prefix parameter should be set to zero in order for the prefix value to be in compliance with RFC6052.

   If IP fragmentation is enabled, the IPv6 MTU parameter value must be equal to or greater than 1280 bytes.

Click on the Destination Prefixes tab to configure inside NAT destination addresses.

Perform the following steps:

1. Click Create or choose an existing entry and click Properties. The Destination Prefix (Create|Edit) form opens.

2. Configure the required parameters:

3. If you require a local NAT policy configuration for the destination prefix, click Select and choose a NAT policy. See To configure a NAT policy.

4. Save your changes and close the form. The NAT Configuration form reappears.

Click on the Deterministic Prefixes tab to configure inside NAT deterministic prefixes.

In order to configure a NAT deterministic prefix, you must have configured one of the Deterministic NAT parameters in Step 8.

1. Click Create or choose an existing entry and click Properties. The Deterministic NAT Prefix (Create|Edit) form opens.

2. Configure the required parameters.

3. Select a NAT policy. See To configure a NAT policy.

4. In the Deterministic Map panel, click Create or choose an existing entry and click Properties. The Deterministic NAT Map, Routing Instance (Create|Edit) form opens.

5. Configure the required parameters.

6. Save your changes and close the forms. The NAT Configuration form reappears.

Click on the NAT Port Forwarding tab to configure NAT port forwarding.

Perform the following steps:

1. Configure the Resync Static and Dynamic parameter, if required. If this parameter is enabled, both static and dynamic forwarders are retrieved from the NE.

   Static port forwards are persisted in the NFM-P database. Dynamic port forwards are retrieved from the NE, and are retained in the NFM-P GUI only for the duration of the current session.

2. Click on the Static tab.

3. Click Create or choose an existing entry and click Properties. The NAT Static Port Forwarding (Create|Edit) form opens.

4. Configure the required parameters.

   You cannot specify the same set of Inside Port and Protocol values in more than one static port mapping to an Inside IP Address.

   You can specify the same Outside Port value in multiple mappings to an Inside IP Address.

   The B4 Address and AFTR Address parameters apply only to DS Lite LSN configurations.

5. If you require a local NAT policy configuration for NAT port forwarding, click Select and choose a NAT policy. See To configure a NAT policy.

6. If a redundant pool configuration is in use, click Select and choose the following for the standby pool.

   • routing instance

   • NAT policy; see To configure a NAT policy

7. Save your changes and close the forms. The NAT Configuration form reappears.

Click Resync NAT Port Forward and confirm the synchronization.

Save your changes and close the form.

End of steps