[j-nsp] SRX Static NAT
Bill Blackford
bblackford at gmail.com
Wed Mar 2 19:05:56 EST 2011
I am looking for a more efficient method to define/map several
scattered/non-contiguous static NATS. I can use pools to map ranges
for end user blocks, but this need is for publishing services
(servers) globally on a one by one basis.
ex.,
using the following method, I would need to make a separate rule and a
proxy-arp address for each one-to-one snat.
<snip>
static {
rule-set SNAT1 {
from interface ge-0/0/0.0;
rule SNAT-TEST0 {
match {
destination-address 66.x.y.6/32;
}
then {
static-nat prefix 192.168.1.65/32;
}
}
rule SNAT-TEST1 {
match {
destination-address 66.x.y.18/32;
}
then {
static-nat prefix 192.168.13.67/32;
}
}
}
}
proxy-arp {
interface ge-0/0/0.0 {
address {
66.x.y.6/32;
66.x.y.18/32;
}
}
}
</snip>
I remember doing a single line in screenos unless my recollection is off.
On the Cisco ASA/PIX, it's a single line 'static (inside,outside)
....' statement.
Is there an equivalently efficient method on the SRX?
Thank you in advance for any input.
-b
--
Bill Blackford
Network Engineer
Logged into reality and abusing my sudo privileges.....
More information about the juniper-nsp
mailing list