Hoping someone can help me with this config question that I can't figure out. I am looking to set up a VoIP phone server on a network I support. They need various services forwarded to their servers from the public IP address for management and functionality. Everything was good when they had one device, but now they added another for expansion, and I can't figure out how to forward based on the port. Here is what I need:
TCP 22 (SSH) to 192.168.10.17
UDP 69 (TFTP) to 192.168.10.17
UDP 123 (NTP) to 192.168.10.17
UDP 33000-33070 (RTP/RTCP Softphone) to 192.168.10.17
UDP 5060-5061 (SIP) to 192.168.10.17
UDP 21000-21239 (SBC) to 192.168.10.17
TCP 7100-7505 (UI/MXIE) to 192.168.10.17
UDP 20000-20999 (RTP) to 192.168.10.18
UDP 75 (MX Cluster) to 192.168.10.17
and here is the relevant config:
nat {
}
destination {
    pool dest-nat-zultys-main {
        address 192.168.10.17/32;
    }
    pool dest-nat-zultys-rtp {
        address 192.168.10.18/32;
    }
}
rule-set ruleset-inbound {
    from interface ge-0/0/0.0;
    rule r5 {
        match {
            destination-address A.Public.IP.Addr/32;
        }
        then {
            destination-nat {
                pool {
                    dest-nat-zultys-main;
                }
            }
        }
    }
}
}
policies {
}
from-zone untrust to-zone trust {
    policy server-zultys {
        match {
            source-address any;
            destination-address zultys-main;
            application any;
        }
        then {
            permit;
        }
    }
}
zones {
    security-zone trust {
        address-book {
            address zultys-main 192.168.10.17/32;
            address zultys-rtp 192.168.10.18/32;
        }
So, any thoughts? Some of the research I am seeing says this can't be done, but none of what I have seen has gotten this to work.
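
One way to split the forwarding by port while reusing the pools, rule-set and address-book entries from the post (an added example, not part of the original post): rule r5 matches on destination address only, so a port-specific rule for UDP 20000-20999 has to be evaluated before it, and custom applications replace "application any" so the policies admit only the listed services. The rule name r-rtp, the policy name server-zultys-rtp and the zm-*/zr-* application names are hypothetical, and a Junos release that accepts a port range in destination NAT "match destination-port" is assumed.

```junos
# Added example. Names r-rtp, server-zultys-rtp, zm-*, zr-* and zultys-main-apps are hypothetical.
# Assumes a Junos release whose destination NAT rules accept a port range in "match destination-port".

# 1. Translate only the RTP range to the second server, evaluated before the catch-all rule r5.
set security nat destination rule-set ruleset-inbound rule r-rtp match destination-address A.Public.IP.Addr/32
set security nat destination rule-set ruleset-inbound rule r-rtp match destination-port 20000 to 20999
set security nat destination rule-set ruleset-inbound rule r-rtp then destination-nat pool dest-nat-zultys-rtp
insert security nat destination rule-set ruleset-inbound rule r-rtp before rule r5

# 2. One application per required service, so the policies can name protocol and port.
set applications application zr-rtp protocol udp destination-port 20000-20999
set applications application zm-ssh protocol tcp destination-port 22
set applications application zm-tftp protocol udp destination-port 69
set applications application zm-ntp protocol udp destination-port 123
set applications application zm-softphone protocol udp destination-port 33000-33070
set applications application zm-sip protocol udp destination-port 5060-5061
set applications application zm-sbc protocol udp destination-port 21000-21239
set applications application zm-ui protocol tcp destination-port 7100-7505
set applications application zm-cluster protocol udp destination-port 75
set applications application-set zultys-main-apps application zm-ssh
set applications application-set zultys-main-apps application zm-tftp
set applications application-set zultys-main-apps application zm-ntp
set applications application-set zultys-main-apps application zm-softphone
set applications application-set zultys-main-apps application zm-sip
set applications application-set zultys-main-apps application zm-sbc
set applications application-set zultys-main-apps application zm-ui
set applications application-set zultys-main-apps application zm-cluster

# 3. Policies match the translated (private) address, one policy per server.
set security policies from-zone untrust to-zone trust policy server-zultys-rtp match source-address any destination-address zultys-rtp application zr-rtp
set security policies from-zone untrust to-zone trust policy server-zultys-rtp then permit
delete security policies from-zone untrust to-zone trust policy server-zultys match application any
set security policies from-zone untrust to-zone trust policy server-zultys match application zultys-main-apps
```

Rule r5 still translates every other port to 192.168.10.17, but after step 3 the untrust-to-trust policy only permits the services in the list.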