[j-nsp] NAT
Stefan Fouant
sfouant at gmail.com
Wed Jun 18 15:11:08 EDT 2008
It's possible...
Let's see your stateful-firewall rules...
Stefan Fouant
Principal Network Engineer
NeuStar, Inc. - http://www.neustar.biz
On Wed, Jun 18, 2008 at 2:17 PM, Manu Chao <linux.yahoo at gmail.com> wrote:
> Hello,
>
> I have configured Source NAT on a J router by using the public WAN IP for
> the NAT pool range.
> NAT work fine but i can no longer manage my router from the public
> network...
>
> Questions:
> How can i correct my NAT configuration in order to manage my router with
> the
> same IP than the NAT POOL?
> Is it possible or need i an additionnal public IP?
>
> Here is my configuration:
>
> interfaces {
> ge-/0/0/0 {
> description WAN;
> unit 0 {
> family inet {
> service {
> input {
> service-set jweb-wan-sfw-service-set;
> }
> output {
> service-set jweb-wan-sfw-service-set;
> }
> }
> address 1.1.1.1/24;
>
> services {
>
> service-set jweb-wan-sfw-service-set {
> stateful-firewall-rules jweb-sfw-to-wan;
> stateful-firewall-rules jweb-sfw-from-wan;
> nat-rules jweb-nat-to-wan;
> interface-service {
> service-interface sp-0/0/0;
> }
>
> nat {
> pool jweb-nat-pool {
> address-range 1.1.1.1/32;
> port automatic;
> }
> rule jweb-nat-to-wan {
> match-direction output;
> term jweb-nat-term {
> then {
> translated {
> source-pool jweb-nat-pool;
> translation-type {
> source dynamic;
>
>
> Any help will be appreciated!!!!
>
> Regards,
> Manu
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list