You'll need something like the below:
root# show security nat destination
pool 125 {
address 192.168.1.108/32 port 125;
}
pool 1433 {
address 192.168.1.108/32 port 1433;
}
rule-set ruleset1 {
from zone untrust;
rule 1 {
match {
destination-address 172.16.1.3/32;
destination-port {
125;
}
}
then {
destination-nat {
pool {
125;
}
}
}
}
rule 2 {
match {
destination-address 172.16.1.3/32;
destination-port {
1433;
}
}
then {
destination-nat {
pool {
1433;
}
}
}
}
}
Dont forget to add proxy-arp.
Regards,
Srinath
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too