[j-nsp] Static NAT
Matt Stevens
matt at elevate.org
Thu Nov 1 20:29:32 EDT 2007
I'm a recent Cisco convert - trying to wrap my head around the Juniper
was of dealing with NAT.
I'm trying to get a setup working where I can allow inbound traffic
through the NAT to specific internal machines.
Ideally I'd like to be able to map things at a port level - ie. port 80
on external address X goes to port Y on internal address Z.
I have things working to the point where I can NAT a specific internal
address to a specific external address (see config at the end), with
everyone else using PAT on a different address. But I can't seem to
figure out how I allow inbound traffic through.
This is on a J-4350, if that makes any difference...
Any pointers in the right direction would be most appreciated!
--
matt
Here's my service nat config. I have the service-set for this applied on
the internal interface:
rule NAT {
match-direction input;
term static-matt {
from {
source-address {
192.168.1.238/32;
}
}
then {
translated {
source-pool static-matt;
translation-type {
source static;
}
}
}
}
term dynamic {
then {
translated {
source-pool dynamic;
translation-type {
source dynamic;
}
}
}
}
}
}
More information about the juniper-nsp
mailing list