Junos OS

last person joined: 6 days ago 

Ask questions and share experiences about Junos OS.

  • 1.  New to Junos v.basic problem but cannot get traffic from internet to internal server

    Posted 08-10-2011 17:15
      |   view attached

    Hi, I am very new to Junos and have SRX210.  The device is setup and can access web from internal lan.  I have a number of static IPs assigned by ISP which I need to use to get traffic to internal web servers.  I have tried following many documents/examples on the net but obviously am missing something.  my external address is xx.xx.xx.78/29 and I have added the address xx.xx.xx.100/32 with proxy arp (tried to get 1 server working first).  My internal LAN is 10.0.200.0/24

     

    i need to get http and https to a server on 10.0.200.6 from address  xx.xx.xx.100 and to server 10.0.200.7 using address xx.xx.xx.102

     

    I have set up addresses etc but traffic still does not flow.  I have attached config, any ideas anyone?

     

    I really would appreciate the help as I am at a loss at the moment.

     

    TIA.

     

    Attachment(s)

    txt
    config.txt   7 KB 1 version


  • 2.  RE: New to Junos v.basic problem but cannot get traffic from internet to internal server
    Best Answer

    Posted 08-10-2011 22:33
    Hi,

    Your NAT rule is not correct:

    static {
    rule-set external_crm {
    from zone untrust;
    rule crm_server {
    match {
    destination-address 10.0.200.6/32;
    }
    then {
    static-nat prefix 10.0.200.6/32;
    }
    }
    }
    }

    Your match destination-address should be the pre-translated address, i.e the xx.xx.xx.100/32 address.

    HTHs.


  • 3.  RE: New to Junos v.basic problem but cannot get traffic from internet to internal server

    Posted 08-11-2011 00:22

    Hi Stefan,  thanks for your help, that sorted the problem out Smiley Very Happy