I am new to Juniper. I have extensive experience with Cisco/Fortinet. I am learning my way around Junos but having some trouble. This should be overly simple, but I am thinking some existing configuration may be stopping my changes from working. I have set static NAT for a web server. This is working, as I have tested "what's my IP" from Google from the server. I cannot seem to get the firewall policy to open up the ports I need (81 and 82) to the web server. I modified the policy for "any" and that still does not work.
My sanitized config is here.
http://paste.ofcode.org/JrDv7r8F4dWr5WXBwbeCSD
The external IP I am NATing is 1.1.1.2 and the internal IP of the web server is 10.0.3.18. I am trying to forward ports 81 and 82 to this host. Using:
    static {
        rule-set forecastingRS1 {
            from zone untrust;
            rule forecastingR1 {
                match {
                    destination-address 1.1.1.2/32;
                }
                then {
                    static-nat prefix 10.0.3.18/32;
                }
            }
        }
    }
    proxy-arp {
        interface ge-0/0/3.0 {
            address {
                1.1.1.2/32;
            }
        }
    }
}
policy forecastingpolicy {
    match {
        source-address any;
        destination-address forecastingserver;
        application [ 81 82 ];
    }
    then {
        permit;