埠映射的問題。求助-有解無憂

  埠映射的問題。求助。
情況,如下述：單位現在在云南。
  現在單位外網由一臺華為AR120-S路由器通過移動ISP上外網，設定VLANIF1：10.10.10.1/24。下連華為S5720交換機，
  華為S5720配置VLANIF1000：10.10.10.2/24，上連AR120-S，已做路由，
  S5720配置VLANIF1：192.168.7.1/24，做內網網段上網。
  現有一臺落地式廣告機分配靜態IP：192.168.7.3/24上網。

現在因為業務需要，這臺廣告機需要接收來自北京一臺服務器的廣告推送，需要幾個埠傳輸12440,12441等，北京方面需要我方在AR120-S下上網介面做埠映射，開始做單獨映射對方告知連接失敗，現在做了全域映射依然失敗，小弟把配置發在下面，請大神幫忙看下，告知一下小弟哪里做錯了。謝謝！
dis ip int b

*down: administratively down

^down: standby

(l): loopback

(s): spoofing

(E): E-Trunk down

The number of interface that is UP in Physical is 3

The number of interface that is DOWN in Physical is 1

The number of interface that is UP in Protocol is 3

The number of interface that is DOWN in Protocol is 1

Interface                         IP Address/Mask      Physical   Protocol
Cellular0/0/0                     unassigned           down       down
Ethernet0/0/4                     183.224.178.43/25    up         up
NULL0                             unassigned           up         up(s)
Vlanif1                           10.10.10.1/24        up         up

<YN-PE-BDC-ROUTER>dis cur

[V200R005C20SPC200]

#

sysname YN-PE-BDC-ROUTER

#

drop illegal-mac alarm

#

ipv6

#

dns resolve

dns server 211.139.29.150

dns server 222.172.200.68

dns proxy enable

#

wlan ac-global carrier id other ac id 0

#

dhcp enable

#

pki realm default

enrollment self-signed

#

ssl policy default_policy type server

pki-realm default

#

acl name Ethernet0/0/4 2999

rule 5 permit

#

aaa

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default

domain default_admin

local-user admin password irreversible-cipher %@%@+4Zf~G0!L)>RY*SCmEVRKOSFW^*I'l9e@~L-|V.\!\(9OSIK%@%@

local-user admin privilege level 15

local-user admin service-type http

#

firewall zone Local

priority 16

#

nat alg ftp enable

#

interface Vlanif1

ip address 10.10.10.1 255.255.255.0

#

interface Ethernet0/0/0

#

interface Ethernet0/0/1

#

interface Ethernet0/0/2

#

interface Ethernet0/0/3

#

interface Ethernet0/0/4

tcp adjust-mss 1460

ip address 183.224.178.43 255.255.255.128

nat server protocol tcp global 211.103.219.50 any inside 192.168.7.1 any

nat outbound 2999

#

interface Cellular0/0/0

#

interface NULL0

#

info-center timestamp log format-date

#

snmp-agent local-engineid 800007DB03845B1276349E

#

http secure-server ssl-policy default_policy

http server enable

http secure-server enable

#

ip route-static 0.0.0.0 0.0.0.0 Ethernet0/0/4 183.224.178.1

ip route-static 192.168.7.0 255.255.255.0 10.10.10.2

#

user-interface con 0

authentication-mode password

set authentication password cipher %@%@P{V~9BxH'2aG~$){u`\0(n)b]+8M/Bo/4)dD~"9]R->!n)e(%@%@

user-interface vty 0

authentication-mode aaa

user privilege level 15

protocol inbound all

user-interface vty 1 4

authentication-mode aaa

protocol inbound all

#

wlan ac

#

return

<YN-PE-BDC-ROUTER>

uj5u.com熱心網友回復：

我方外網沒有架設任何服務器，上面的配置是前面做的，后面修改了
這個是原先的：
interface Ethernet0/0/4

tcp adjust-mss 1460

ip address 183.224.178.43 255.255.255.128

nat server protocol tcp global 211.103.219.50 any inside 192.168.7.1 any

nat outbound 2999
咨詢了華為官方之后
nat server protocol tcp global 211.103.219.50 any inside 192.168.7.1 any
改為了
nat server protocol tcp global 211.103.219.50 inside 192.168.7.1

uj5u.com熱心網友回復：

埠映射，不應該是7.3和外網地址來做嗎？

211.103.219.50 和183.224.178.43 是通的嗎？

轉載請註明出處，本文鏈接：https://www.uj5u.com/qita/121893.html

標籤：交換及路由技術

上一篇：【問題搬運】路由器進行NAT地址轉換時，如何避免可能出現的如下錯誤？

下一篇：TIME-WAIT狀態怎么知道對方有沒有收到最后一個ACK