SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Quick Question about NAT/PAT possibilites

    Posted 10-23-2015 12:09

    I looked around and while I have seen many things addressing various NAT or PAT issues, I can't seem to nail down an answer to this simple question/use case.

     

    Can I used a Destination NAT for just translating the port?

    For example:

     

    Traffic to destination 1.1.1.100 on port 80 is translated to 1.1.1.100 on port 8080

     

    I have been reading this:

    https://kb.juniper.net/library/CUSTOMERSERVICE/technotes/Junos_NAT_Examples.pdf

     

    but as I don't have access to a SRX myself, I can't test it.

     

     

    Thank you for your time!

     



  • 2.  RE: Quick Question about NAT/PAT possibilites
    Best Answer

     
    Posted 10-26-2015 23:00

    Hello ,

     

    You can do that , no one will stop you Smiley Wink . PFA the configuration :

     

    set security nat destination pool POOL-1 address 1.1.1.100/32                                   
    set security nat destination pool POOL-1 address port 8080
    set security nat destination rule-set Test from zone XXXX
    set security nat destination rule-set Test rule NAT-1 match destination-address 1.1.1.100/32
    set security nat destination rule-set Test rule NAT-1 match destination-port 80
    set security nat destination rule-set Test rule NAT-1 then destination-nat pool POOL-1



  • 3.  RE: Quick Question about NAT/PAT possibilites

    Posted 10-27-2015 04:42

    Thanks Sam!