09-13-2010 10:49 PM
Hi,
Is it possible in Junos not to specify the destination address when doing port forwarding?
I try to translate this statement from ScreenOS into Junos:
set interface untrust vip untrust 25 "SMTP" 192.168.168.9
rule-set port-forwarding { from zone untrust; rule r1 { match { destination-port 25; ## Warning: missing mandatory statement(s): 'destination-address' } then { destination-nat pool s1-SMTP; } } }
Regards,
Tom
09-15-2010 09:08 AM
Can you please provide the "get conf | i untrust" from the screenOs box.
Thanks
Atif
09-15-2010 09:33 AM
If you do not care about the address in the match condition for destination address provide "0.0.0.0/0"
This will match any address and not care about teh specific prefix .
09-16-2010 06:21 PM
Thanks routeruser, but how to configure the proxy-arp?
commit check[edit security nat proxy-arp interface pp0.0] 'address 0.0.0.0/0' IP address 0.0.0.0 is invaliderror: configuration check-out failed
09-17-2010 04:25 AM
try this, not proxy arp needed if you are using the interface IP.
ule-set port-forwarding { from zone untrust; rule r1 { match { destination-port 25; destination-address 0.0.0.0/0; } then { destination-nat pool s1-SMTP; } }}
-Pra
