Juniper SRX: One to many NAT

1.  
2. 88 88
3. ,d "" 88 ,d
4. 88 88 88
5. MM88MMM 88 8b,dPPYba, ,adPPYYba, 88,dPPYba, 8b d8 MM88MMM ,adPPYba, ,adPPYba,
6. 88 88 88P' "Y8 "" `Y8 88P' "8a `8b d8' 88 a8P_____88 I8[ ""
7. 88 88 88 ,adPPPPP88 88 d8 `8b d8' 88 8PP""""""" `"Y8ba,
8. 88, 88 88 88, ,88 88b, ,a8" `8b,d8' 88, "8b, ,aa aa ]8I
9. "Y888 88 88 `"8bbdP"Y8 8Y"Ybbd8"' Y88' "Y888 `"Ybbd8"' `"YbbdP"'
10. d8'
11. ################################################## d8' ##### http://www.tirabytes.com/ ##
12.  
13. ## One to many destination NAT
14.  
15.  
16.  
17. [edit security nat destination]
18. set pool server-ftp-1 address 10.1.1.100 port 21
19. set pool server-web-1 address 10.1.1.101 port 80
20.  
21. set rule-set rule-set-1 from zone untrust
22.  
23. set rule-set rule-set-1 rule rule-1 match destination-address 1.1.1.1
24. set rule-set rule-set-1 rule rule-1 match destination-port 21
25. set rule-set rule-set-1 rule rule-1 then destination-nat pool server-ftp-1
26.  
27. set rule-set rule-set-1 rule rule-2 match destination-address 1.1.1.1
28. set rule-set rule-set-1 rule rule-2 match destination-port 80
29. set rule-set rule-set-1 rule rule-2 then destination-nat pool server-web-1
30.  
31. [edit security]
32. set zones security-zone trust address-book address server-ftp-1 10.1.1.100/32
33. set zones security-zone trust address-book address server-web-1 10.1.1.101/32
34.  
35. [edit security policies from-zone untrust to-zone trust]
36. set policy server-access match source-address any destination-address [server-ftp-1 server-web-1]
37. application any
38. set policy server-access then permit