[j-nsp] Configuring NAT on J2300
Chris Adams
cmadams at hiwaay.net
Wed May 10 11:41:20 EDT 2006
Once upon a time, Harry Reynolds <harry at juniper.net> said:
> I am not 100% sure, but believe you can use the IP assigned to the
> interfaces as a NAT pool. In fact, the j-series training material
> NAT/SFW lab does just this. AFAIK it still works, but I have not messed
> with it for over a year now.
>
> What does the show services nat pool command display when you encounter
> the problem?
Working on .205:
admin at offgw> show services nat pool one-ip detail
Interface: sp-0/0/0, Service set: do-nat
NAT pool: one-ip, Translation type: dynamic
Address range: x.x.x.205-x.x.x.205
Port range: 512-65535, Ports in use: 1, Out of port errors: 0,
Max ports used: 8
Not working on .203:
admin at offgw> show services nat pool one-ip detail
Interface: sp-0/0/0, Service set: do-nat
NAT pool: one-ip, Translation type: dynamic
Address range: x.x.x.203-x.x.x.203
Port range: 512-65535, Ports in use: 1, Out of port errors: 0,
Max ports used: 8
If I dump the traffic at the far end, I see translated traffic getting
to the far end (e.g. if I "ssh remotehost" from the private LAN while
running tcpdump on "remotehost", I see traffic from x.x.x.203).
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
More information about the juniper-nsp
mailing list