Junos
Reply
Visitor
kebson
Posts: 7
Registered: ‎01-04-2012
0

Configure NAT with global security zone on SRX

hi all

i need to translate this Netscreen500 configration to junos.SRX

need your help thanks .

 

Netscreen config:

 

set interface ethernet1/2.115 ip 172.25.50.73/29
set interface ethernet1/2.115 route

 

set interface "ethernet1/2.115" mip 1.1.1.2 host 172.25.49.138 netmask 255.255.255.255
set policy id 37 from "Untrust" to "Global" "Any" "MIP(1.1.1.2)" "DNS" permit log


Distinguished Expert
Screenie
Posts: 1,085
Registered: ‎01-10-2008
0

Re: Configure NAT with global security zone on SRX

[ Edited ]

You need to configure 2 nat rules and 2 policies I think

 

1 source nat for outbound traffic

1 static nat to replace the MIP

 

1 policy outbound

1 policy inbound

 

Please read this first and come back with questions if something isn't clear:

 

http://www.juniper.net/us/en/local/pdf/app-notes/3500152-en.pdf 

 

best regards,

Screenie.
Juniper Ambassador,
JNCIA IDP AC WX JNCIS FW SSL JNCIP SEC ENT SP JNCI

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.