Junos OS

last person joined: 4 days ago 

Ask questions and share experiences about Junos OS.

  • 1.  SRX to JunOS Config

    Posted 07-27-2015 02:40

    hello guys, i had this config below I just try it by hand but please correct me if I am wrong:

     

    Screen OS config below:
    set interface ethernet1 ip 192.168.15.254/24
    set interface ethernet1 nat

     

    SRX: (i'm not sure whether this is the correct translation for the above code)
    set rule-set rs1 from zone trust
    set rule-set rs1 to zone untrust
    set rule-set rs1 rule r1 match source-address 0.0.0.0/0
    set rule-set rs1 rule r1 match destination-address 0.0.0.0/0
    set rule-set rs1 rule r1 then source-nat interface

    set policy internet-access match source-address any destination-address any application any
    set policy internet-access then permit

     

     

    Any input is greatly appreciated?

     

    Is there a JunOS simulator that can be downloaded?

     

    Thanks.

     



  • 2.  RE: SRX to JunOS Config

     
    Posted 07-27-2015 02:45

    Hello ,

     

    The configuration is correct for interface based source NAT .  

     

    For Simulators please check  : http://www.juniper.net/us/en/products-services/nos/junosphere/



  • 3.  RE: SRX to JunOS Config

     
    Posted 07-27-2015 02:48

    Hello ,

     

    To add to the above , the policy configuration should look like :

     

    set security policies from-zone trust to-zone untrust policy internet-access match source-address any
    set security policies from-zone trust to-zone untrust policy internet-access match destination-address ant
    set security policies from-zone trust to-zone untrust policy internet-access match application any

    set security policies from-zone trust to-zone untrust policy internet-access  then permit



  • 4.  RE: SRX to JunOS Config
    Best Answer

    Posted 07-27-2015 03:30

    For the NAT rule you don't need the destination term but it won't hurt either.

     

    On the policy you are missing the zone designations.

     

    set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit

    There is no simulator.  But there is a virual SRX you can request a demo download and use. 



  • 5.  RE: SRX to JunOS Config

    Posted 07-28-2015 01:30

    Thank you guys for your valuable input..

     

    JunOS has a lot of features that why needs a lot of typing..  🙂