[j-nsp] NAT

Manu Chao linux.yahoo at gmail.com
Wed Jun 18 14:17:27 EDT 2008


I have configured Source NAT on a J router by using the public WAN IP for
the NAT pool range.
NAT work fine but i can no longer manage my router from the public

How can i correct my NAT configuration in order to manage my router with the
same IP than the NAT POOL?
Is it possible or need i an additionnal public IP?

Here is my configuration:

interfaces {
    ge-/0/0/0 {
        description WAN;
        unit 0 {
            family inet {
                service {
                    input {
                        service-set jweb-wan-sfw-service-set;
                    output {
                        service-set jweb-wan-sfw-service-set;

services {

    service-set jweb-wan-sfw-service-set {
        stateful-firewall-rules jweb-sfw-to-wan;
        stateful-firewall-rules jweb-sfw-from-wan;
        nat-rules jweb-nat-to-wan;
        interface-service {
            service-interface sp-0/0/0;

    nat {
        pool jweb-nat-pool {
            port automatic;
        rule jweb-nat-to-wan {
            match-direction output;
            term jweb-nat-term {
                then {
                    translated {
                        source-pool jweb-nat-pool;
                        translation-type {
                            source dynamic;

Any help will be appreciated!!!!


More information about the juniper-nsp mailing list