Junos
Reply
Visitor
ehomo
Posts: 6
Registered: ‎01-22-2009
0

Destination nat with port translation Junos (Legacy Services)

Hi all.

 

I have  j2320 box with JUNOS Software Release [9.3R3.8].

If i configure destination nat with " next-hop-service" style on this box, i can make only "straight" port translation.

i.e. this "nat rule" means translate destination ip address from EXT-IP to INT-IP and keep destination port unchanged.

 

    rule pin-hole {

        match-direction output;

        term ports-50001 {

            from {

                destination-address {

                    EXT-IP/32;

                }

                application-sets ports-50001;

            }

            then {

                translated {

                    destination-prefix INT-IP/32;

                    translation-type {

                        destination static;

                    }

                }

            }

        }

    }

 

 

when i configure destination nat with destination-pool then i get error. 

 

[edit services nat rule custom-nat term main then]

  'translated'

    'destination static' is not compatible with 'port' in pool pin-hole-w-pat

error: configuration check-out failed

 

     rule custom-nat {

        match-direction output;

        term main {

            from {

                source-address {

                    any-unicast;

                }

                destination-address {

                    EXT-IP/32;

                }

                applications ports-50001;

            }

            then {

                translated {

                    destination-pool pin-hole-w-pat;

                    translation-type {

                        destination static;

                    }

                }

            }

        }

     pool pin-hole-w-pat {

        address INT-IP/32;

        port range low 80 high 80;

    }

 


 

My question is:  Is it possible to configure destination nat with destination port translation on junos for j-series (Legacy Services)?

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.