[j-nsp] Multiple mapped IPs on SSG-550
Vincent De Keyzer
vincent at autempspourmoi.be
Thu Feb 7 07:23:43 EST 2008
Hi,
I'm quite new to Netscreens, so I hope this is a very easy question.
Say A.B.C.0/24 is some public IP range.
I'm trying to set up the following (SSG-550):
* A.B.C.0/27 on the Untrust sub-interface
* 10.0.0.0/24 on a DMZ sub-interface (where servers do support NAT)
* A.B.C.32/27 on another DMZ sub-interface (where servers do not
support NAT)
I would like to map (incoming web traffic):
* port 80 of A.B.C.1 => port 80 of 10.0.0.101.
* port 80 of A.B.C.2 => port 80 of 10.0.0.102.
Is this possible? For some reason I don't have the possibility to create
a VIP on the Untrust interface at the moment (and I'm not even sure you
can have VIPs with different IP addresses on the same interface...)
Vincent
More information about the juniper-nsp
mailing list