Advertisement
tirabytes

Juniper SRX: One to many NAT

Jul 14th, 2011
782
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.04 KB | None | 0 0
  1.  
  2. 88 88
  3. ,d "" 88 ,d
  4. 88 88 88
  5. MM88MMM 88 8b,dPPYba, ,adPPYYba, 88,dPPYba, 8b d8 MM88MMM ,adPPYba, ,adPPYba,
  6. 88 88 88P' "Y8 "" `Y8 88P' "8a `8b d8' 88 a8P_____88 I8[ ""
  7. 88 88 88 ,adPPPPP88 88 d8 `8b d8' 88 8PP""""""" `"Y8ba,
  8. 88, 88 88 88, ,88 88b, ,a8" `8b,d8' 88, "8b, ,aa aa ]8I
  9. "Y888 88 88 `"8bbdP"Y8 8Y"Ybbd8"' Y88' "Y888 `"Ybbd8"' `"YbbdP"'
  10. d8'
  11. ################################################## d8' ##### http://www.tirabytes.com/ ##
  12.  
  13. ## One to many destination NAT
  14.  
  15.  
  16.  
  17. [edit security nat destination]
  18. set pool server-ftp-1 address 10.1.1.100 port 21
  19. set pool server-web-1 address 10.1.1.101 port 80
  20.  
  21. set rule-set rule-set-1 from zone untrust
  22.  
  23. set rule-set rule-set-1 rule rule-1 match destination-address 1.1.1.1
  24. set rule-set rule-set-1 rule rule-1 match destination-port 21
  25. set rule-set rule-set-1 rule rule-1 then destination-nat pool server-ftp-1
  26.  
  27. set rule-set rule-set-1 rule rule-2 match destination-address 1.1.1.1
  28. set rule-set rule-set-1 rule rule-2 match destination-port 80
  29. set rule-set rule-set-1 rule rule-2 then destination-nat pool server-web-1
  30.  
  31. [edit security]
  32. set zones security-zone trust address-book address server-ftp-1 10.1.1.100/32
  33. set zones security-zone trust address-book address server-web-1 10.1.1.101/32
  34.  
  35. [edit security policies from-zone untrust to-zone trust]
  36. set policy server-access match source-address any destination-address [server-ftp-1 server-web-1]
  37. application any
  38. set policy server-access then permit
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement