Junos OS

last person joined: 7 days ago 

Ask questions and share experiences about Junos OS.

  • 1.  Exception for Source NAT

    Posted 02-26-2010 10:45

    Hi everyone,

    Got this configuration for NAT (using J2350 with Junos 9.6):

    # show security nat
    source {
        rule-set interface-nat {
            from interface ge-0/0/2.0;
            to interface ge-0/0/1.0;
            rule rede-santoamaro {
                match {
                    source-address 10.2.1.0/24;
                }
                then {
                    source-nat {
                        interface;
                    }
                }
            }
        }
    }

     

    but I don't want traffic destinated to 10.0.0.0/8 to pass through NAT. How can I do that?

     

    regards



  • 2.  RE: Exception for Source NAT
    Best Answer

    Posted 02-27-2010 00:51

    Hello,

    See if this helps

     

     

    set security nat source rule-set interface-nat rule rede-santoamaro-except match source-address 10.2.1.0/24
set security nat source rule-set interface-nat rule rede-santoamaro-except match destination-address 10/8
set security nat source rule-set interface-nat rule rede-santoamaro-except then source-nat off
insert security nat source rule-set interface-nat rule rede-santoamaro-except before rule rede-santoamaro

     

     

    HTH

    Rgds

    Alex