Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
Hi all,
Can anyone help me, I want to translate my internal IP 192.168.0.x/24 with a public IP 2.2.2.5/32 and not 1.1.1.1
For exemple:
untrust: eth0/0: 1.1.1.1/30
trust: eth0/2:192.168.1.0/24
public virtual IP : 2.2.2.0/24
Thanks in advance
set interface ethernet0/0 mip 2.2.2.5 host 192.168.0.x netmask 255.255.255.255 vr trust-vr
If that's not good for your purpose, read more from http://kb.juniper.net/index?page=content&id=KB11909
Hi,
If you mean the source NAT for outbound connections, you should configure a DIP (multiple DIPs) as extended IP. You'll find this option in the Web UI while configuring DIP. Selecting "extended IP" enables the use of the IPs not belonging to the interface subnet. As soon as this has been configured the DIP pools can be selected in the poilcies for the source NAT. I usually configure multiple DIP pools, each containing a single IP to obtain one-to-one or many-to-one mappings.
All NAT aspects are very good documented in the "Concepts and examples" and KB articles.
Kind regards,
Edouard
... you can also create range-to-range or subnet-to-subnet mappins with and without PAT. Read the C&E. There are very detailed example descriptions there.
Thanks for your reply.
I tested the configuration with a DIP as extended IP and it works.
thanks a lot